From 658e2757fa9559f5dff6d475ae50496429e3d89f Mon Sep 17 00:00:00 2001
From: Pavel Březina <pbrezina@redhat.com>
Date: Mon, 15 Jul 2013 13:44:31 +0200
Subject: print hint about password complexity when new password is rejected

https://fedorahosted.org/sssd/ticket/1827
---
 src/providers/ldap/sdap_async.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'src/providers/ldap/sdap_async.c')

diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index 73b2b64af..32763d2e6 100644
--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -641,7 +641,21 @@ static void sdap_exop_modify_passwd_done(struct sdap_op *op,
     DEBUG(3, ("ldap_extended_operation result: %s(%d), %s\n",
             sss_ldap_err2string(state->result), state->result, errmsg));
 
-    if (state->result != LDAP_SUCCESS) {
+    switch (state->result) {
+    case LDAP_SUCCESS:
+        ret = EOK;
+        break;
+    case LDAP_CONSTRAINT_VIOLATION:
+        state->user_error_message = talloc_strdup(state,
+            "Please make sure the password meets the complexity constraints.");
+        if (state->user_error_message == NULL) {
+            DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strdup failed\n"));
+            ret = ENOMEM;
+            goto done;
+        }
+        ret = EIO;
+        goto done;
+    default:
         if (errmsg) {
             state->user_error_message = talloc_strdup(state, errmsg);
             if (state->user_error_message == NULL) {
-- 
cgit