diff options
author | Simo Sorce <ssorce@redhat.com> | 2011-08-01 10:24:21 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-07-31 21:00:45 -0400 |
commit | 6f6679e3483a324fe739a527c9eb5a5640e69386 (patch) | |
tree | e7fdd79db69e0833c9d64084ac7aae8f1e4a366f /daemons/ipa-slapi-plugins | |
parent | d6875b9adc6d43ae9eec74e52070dd0833ccf2dc (diff) | |
download | freeipa-6f6679e3483a324fe739a527c9eb5a5640e69386.tar.gz freeipa-6f6679e3483a324fe739a527c9eb5a5640e69386.tar.xz freeipa-6f6679e3483a324fe739a527c9eb5a5640e69386.zip |
Don't set the password expiration to the current time
This fixes a regression in the previous patch in ticket #1526.
Diffstat (limited to 'daemons/ipa-slapi-plugins')
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c index ebefad615..99fc10405 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c @@ -850,12 +850,6 @@ static int ipapwd_post_op(Slapi_PBlock *pb) } } - /* set Password Expiration date */ - if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) { - LOG_FATAL("failed to parse expiration date (buggy gmtime_r ?)\n"); - goto done; - } - /* Don't set a last password change or expiration on host passwords. * krbLastPwdChange is used to tell whether we have a valid keytab. If we * set it on userPassword it confuses enrollment. If krbPasswordExpiration @@ -865,7 +859,20 @@ static int ipapwd_post_op(Slapi_PBlock *pb) * ipapwd_setkeytab(). */ ipahost = slapi_value_new_string("ipaHost"); - if (!pwdop->pwdata.target || (slapi_entry_attr_has_syntax_value(pwdop->pwdata.target, SLAPI_ATTR_OBJECTCLASS, ipahost)) == 0) { + if (!pwdop->pwdata.target || + (slapi_entry_attr_has_syntax_value(pwdop->pwdata.target, + SLAPI_ATTR_OBJECTCLASS, + ipahost)) == 0) { + + /* set Password Expiration date */ + if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) { + LOG_FATAL("failed to parse expiration date (buggy gmtime_r ?)\n"); + goto done; + } + strftime(timestr, GENERALIZED_TIME_LENGTH+1, + "%Y%m%d%H%M%SZ", &utctime); + slapi_mods_add_string(smods, LDAP_MOD_REPLACE, + "krbPasswordExpiration", timestr); /* change Last Password Change field with the current date */ if (!gmtime_r(&(pwdop->pwdata.timeNow), &utctime)) { LOG_FATAL("failed to parse current date (buggy gmtime_r ?)\n"); @@ -876,10 +883,6 @@ static int ipapwd_post_op(Slapi_PBlock *pb) "%Y%m%d%H%M%SZ", &utctime); slapi_mods_add_string(smods, LDAP_MOD_REPLACE, "krbLastPwdChange", timestr); - strftime(timestr, GENERALIZED_TIME_LENGTH+1, - "%Y%m%d%H%M%SZ", &utctime); - slapi_mods_add_string(smods, LDAP_MOD_REPLACE, - "krbPasswordExpiration", timestr); } slapi_value_free(&ipahost); |