[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSMigration.pm.in, 1.14, 1.15

[Richard Allen Megginson (rmeggins)]

Author: rmeggins

Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5955/ldapserver/ldap/admin/src/scripts

Modified Files:
	DSMigration.pm.in 
Log Message:
Resolves: bug 262021
Bug Description: Migration script does not migrate nsDS5ReplicaCredentials correctly.
Reviewed by: nhosoi (Thanks!)
Fix Description: We still need to be able to decrypt passwords using the broken method.  I guess it works on Solaris and HP because the values are already in network byte order.  But when the values were encrypted on x86, they were encrypted the wrong way.  It is safe to use MIGRATE_BROKEN_PWD on Solaris and HP because it is essentially a no-op.  But this allows us to decrypt x86 passwords and store them correctly.
Platforms tested: RHEL4 i386, RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none



Index: DSMigration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSMigration.pm.in,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- DSMigration.pm.in	14 Sep 2007 21:24:12 -0000	1.14
+++ DSMigration.pm.in	20 Sep 2007 20:27:34 -0000	1.15
@@ -180,7 +180,9 @@
     my ($ent, $attr, $mig, $inst) = @_;
     my $oldval = $ent->getValues($attr);
     debug(3, "Executing @bindir@/migratecred -o $mig->{actualsroot}/$inst -n @instconfigdir@/$inst -c \'$oldval\' . . .\n");
+    $ENV{MIGRATE_BROKEN_PWD} = "1"; # passwords prior to 8.0 were encrypted incorrectly
     my $newval = `@bindir@/migratecred -o $mig->{actualsroot}/$inst -n @instconfigdir@/$inst -c \'$oldval\'`;
+    delete $ENV{MIGRATE_BROKEN_PWD}; # clear the flag
     debug(3, "Converted old value [$oldval] to new value [$newval] for attr $attr in entry ", $ent->getDN(), "\n");
     return $newval;
 }