diff options
| author | Simo Sorce <ssorce@redhat.com> | 2008-08-06 17:22:51 -0400 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2008-09-10 15:43:40 -0400 |
| commit | 337c9abb277bc678d2034155aac484ada2d7025e (patch) | |
| tree | 4dc212e71a2c96ca6ff37d99d8b3f5f25d9ba187 | |
| parent | 25a63b2c4d207846e61b2e72963b10b0ddf07afe (diff) | |
| download | freeipa-337c9abb277bc678d2034155aac484ada2d7025e.tar.gz freeipa-337c9abb277bc678d2034155aac484ada2d7025e.tar.xz freeipa-337c9abb277bc678d2034155aac484ada2d7025e.zip | |
Treat Jan 1 1970 in krbPrincipalExpiration as a special date that means the account Never Expires
| -rw-r--r-- | ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 8144c5431..b20340df1 100644 --- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -1224,10 +1224,11 @@ static int ipapwd_CheckPolicy(struct ipapwd_data *data) int tmp, ret; const char *old_pw; - /* check account is not expired */ + /* check account is not expired. Ignore unixtime = 0 (Jan 1 1970) */ krbPrincipalExpiration = slapi_entry_attr_get_charptr(data->target, "krbPrincipalExpiration"); - if (krbPrincipalExpiration) { - /* if expiration date set check it */ + if (krbPrincipalExpiration && + (strcasecmp("19700101000000Z", krbPrincipalExpiration) != 0)) { + /* if expiration date is set check it */ memset(&tm, 0, sizeof(struct tm)); ret = sscanf(krbPrincipalExpiration, "%04u%02u%02u%02u%02u%02u", @@ -1245,6 +1246,7 @@ static int ipapwd_CheckPolicy(struct ipapwd_data *data) } /* FIXME: else error out ? */ } + slapi_ch_free_string(&krbPrincipalExpiration); /* find the entry with the password policy */ ret = ipapwd_getPolicy(data->dn, data->target, &policy); |