summaryrefslogtreecommitdiffstats
path: root/daemons/ipa-kdb/ipa_kdb.h
diff options
context:
space:
mode:
authorNathaniel McCallum <npmccallum@redhat.com>2014-02-06 10:56:46 -0500
committerPetr Viktorin <pviktori@redhat.com>2014-02-14 16:03:24 +0100
commitfd55da9a27f76611b01c38c2741c13652d6a3e60 (patch)
tree4808a6b12a668fef703213578256ecd2a8245d7c /daemons/ipa-kdb/ipa_kdb.h
parenta91c0972b992dbd15e78f2ba6982768ac958e4bd (diff)
downloadfreeipa-fd55da9a27f76611b01c38c2741c13652d6a3e60.tar.gz
freeipa-fd55da9a27f76611b01c38c2741c13652d6a3e60.tar.xz
freeipa-fd55da9a27f76611b01c38c2741c13652d6a3e60.zip
ipa-kdb: validate that an OTP user has tokens
This handles the case where a user is configured for OTP in ipaUserAuthType, but the user has not yet created any tokens. Until the user creates tokens, the user should still be able to log in via password. This logic already exists in LDAP, but ipa-kdb needs to perform the same validation to know what data to return to the KDC. https://fedorahosted.org/freeipa/ticket/4154 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'daemons/ipa-kdb/ipa_kdb.h')
-rw-r--r--daemons/ipa-kdb/ipa_kdb.h6
1 files changed, 3 insertions, 3 deletions
diff --git a/daemons/ipa-kdb/ipa_kdb.h b/daemons/ipa-kdb/ipa_kdb.h
index 5ad256b0e..6c036e3b6 100644
--- a/daemons/ipa-kdb/ipa_kdb.h
+++ b/daemons/ipa-kdb/ipa_kdb.h
@@ -80,7 +80,7 @@
struct ipadb_mspac;
enum ipadb_user_auth {
- IPADB_USER_AUTH_EMPTY = 0,
+ IPADB_USER_AUTH_NONE = 0,
IPADB_USER_AUTH_DISABLED = 1 << 0,
IPADB_USER_AUTH_PASSWORD = 1 << 1,
IPADB_USER_AUTH_RADIUS = 1 << 2,
@@ -275,5 +275,5 @@ void ipadb_audit_as_req(krb5_context kcontext,
krb5_error_code error_code);
/* AUTH METHODS */
-void ipadb_get_user_auth(LDAP *lcontext, LDAPMessage *le,
- enum ipadb_user_auth *user_auth);
+void ipadb_parse_user_auth(LDAP *lcontext, LDAPMessage *le,
+ enum ipadb_user_auth *user_auth);
generated by cgit (git 2.34.1) at 2024-04-30 18:47:18 +0000