diff options
author | Noriko Hosoi <nhosoi@redhat.com> | 2007-03-07 22:06:19 +0000 |
---|---|---|
committer | Noriko Hosoi <nhosoi@redhat.com> | 2007-03-07 22:06:19 +0000 |
commit | 962c5dccedd73d3505560c2704c7c6757ec75b5d (patch) | |
tree | 5e4a091b8ed3f283a12657b06e28806ed30065cf /ldap/servers/slapd/pw_mgmt.c | |
parent | 94a80392f80c63fcfe061100ab2b0b307a940f27 (diff) | |
download | ds-962c5dccedd73d3505560c2704c7c6757ec75b5d.tar.gz ds-962c5dccedd73d3505560c2704c7c6757ec75b5d.tar.xz ds-962c5dccedd73d3505560c2704c7c6757ec75b5d.zip |
Resolves: 229513
Summary: CRM #1160370 RHDS does not reset passwordRetryCount to 0 upon a successful BIND
Change: If password lockout is on, need_new_pw from the successful bind tries
to set passwordRetryCount to 0 in smods, but if passwordExpirationTime is not
set and password never expires, the smods is not applied and discarded. Added
pw_apply_mods if password lockout is on.
Diffstat (limited to 'ldap/servers/slapd/pw_mgmt.c')
-rw-r--r-- | ldap/servers/slapd/pw_mgmt.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c index 20303f29..98f824f1 100644 --- a/ldap/servers/slapd/pw_mgmt.c +++ b/ldap/servers/slapd/pw_mgmt.c @@ -95,12 +95,14 @@ need_new_pw( Slapi_PBlock *pb, long *t, Slapi_Entry *e, int pwresponse_req ) pw_exp_date = time_plus_sec ( cur_time, pwpolicy->pw_maxage ); - timestring = format_genTime (pw_exp_date); + timestring = format_genTime (pw_exp_date); slapi_mods_add_string(&smods, LDAP_MOD_REPLACE, "passwordExpirationTime", timestring); slapi_ch_free((void **)×tring); slapi_mods_add_string(&smods, LDAP_MOD_REPLACE, "passwordExpWarned", "0"); pw_apply_mods(dn, &smods); + } else if (pwpolicy->pw_lockout == 1) { + pw_apply_mods(dn, &smods); } slapi_mods_done(&smods); delete_passwdPolicy(&pwpolicy); @@ -109,7 +111,7 @@ need_new_pw( Slapi_PBlock *pb, long *t, Slapi_Entry *e, int pwresponse_req ) pw_exp_date = parse_genTime(passwordExpirationTime); - slapi_ch_free((void**)&passwordExpirationTime); + slapi_ch_free((void**)&passwordExpirationTime); /* Check if password has been reset */ if ( pw_exp_date == NO_TIME ) { |