diff options
| author | Martin Nagy <mnagy@redhat.com> | 2008-09-10 00:46:09 +0200 |
|---|---|---|
| committer | Martin Nagy <mnagy@redhat.com> | 2008-09-11 23:34:01 +0200 |
| commit | 7206a6d43c0b23e2a5e723351a7a1f3215c158ae (patch) | |
| tree | 13cd56f9b7cbc0ac4d860fb69953115b442c488c | |
| parent | 885103c32127d10250564e25c5895464fb366f9e (diff) | |
| download | freeipa-7206a6d43c0b23e2a5e723351a7a1f3215c158ae.tar.gz freeipa-7206a6d43c0b23e2a5e723351a7a1f3215c158ae.tar.xz freeipa-7206a6d43c0b23e2a5e723351a7a1f3215c158ae.zip | |
More strict input checks in ipa-pwpolicy and return non-zero when unsuccessful. Fixes: 461213, 461325, 461332, 461543
| -rw-r--r-- | ipa-admintools/ipa-pwpolicy | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/ipa-admintools/ipa-pwpolicy b/ipa-admintools/ipa-pwpolicy index ee391842d..a129486d4 100644 --- a/ipa-admintools/ipa-pwpolicy +++ b/ipa-admintools/ipa-pwpolicy @@ -101,14 +101,16 @@ def update_policy(client, options): if options.minlength: validate.is_integer(options.minlength, min=0) new.setValue('krbpwdminlength', options.minlength) - except validate.VdtTypeError, e: - print "%s" % str(e) + except (validate.VdtTypeError, validate.VdtValueTooSmallError), e: + print e return 1 - except validate.VdtValueTooSmallError, e: - print "%s" % str(e) + + if int(new.getValue('krbminpwdlife')) > int(new.getValue('krbmaxpwdlife')): + print "Maximal length of password life must be greater then the minimal" return 1 client.update_password_policy(new) + return 0 def main(): options, args = parse_options() @@ -119,9 +121,7 @@ def main(): show_policy(client) return 0 - update_policy(client, options) - - return 0 + return update_policy(client, options) try: if __name__ == "__main__": |