summaryrefslogtreecommitdiffstats
path: root/daemons/ipa-slapi-plugins
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2011-08-01 10:24:21 -0400
committerRob Crittenden <rcritten@redhat.com>2011-07-31 21:00:45 -0400
commit6f6679e3483a324fe739a527c9eb5a5640e69386 (patch)
treee7fdd79db69e0833c9d64084ac7aae8f1e4a366f /daemons/ipa-slapi-plugins
parentd6875b9adc6d43ae9eec74e52070dd0833ccf2dc (diff)
downloadfreeipa-6f6679e3483a324fe739a527c9eb5a5640e69386.tar.gz
freeipa-6f6679e3483a324fe739a527c9eb5a5640e69386.tar.xz
freeipa-6f6679e3483a324fe739a527c9eb5a5640e69386.zip
Don't set the password expiration to the current time
This fixes a regression in the previous patch in ticket #1526.
Diffstat (limited to 'daemons/ipa-slapi-plugins')
-rw-r--r--daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c25
1 files changed, 14 insertions, 11 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
index ebefad615..99fc10405 100644
--- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
+++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
@@ -850,12 +850,6 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
}
}
- /* set Password Expiration date */
- if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) {
- LOG_FATAL("failed to parse expiration date (buggy gmtime_r ?)\n");
- goto done;
- }
-
/* Don't set a last password change or expiration on host passwords.
* krbLastPwdChange is used to tell whether we have a valid keytab. If we
* set it on userPassword it confuses enrollment. If krbPasswordExpiration
@@ -865,7 +859,20 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
* ipapwd_setkeytab().
*/
ipahost = slapi_value_new_string("ipaHost");
- if (!pwdop->pwdata.target || (slapi_entry_attr_has_syntax_value(pwdop->pwdata.target, SLAPI_ATTR_OBJECTCLASS, ipahost)) == 0) {
+ if (!pwdop->pwdata.target ||
+ (slapi_entry_attr_has_syntax_value(pwdop->pwdata.target,
+ SLAPI_ATTR_OBJECTCLASS,
+ ipahost)) == 0) {
+
+ /* set Password Expiration date */
+ if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) {
+ LOG_FATAL("failed to parse expiration date (buggy gmtime_r ?)\n");
+ goto done;
+ }
+ strftime(timestr, GENERALIZED_TIME_LENGTH+1,
+ "%Y%m%d%H%M%SZ", &utctime);
+ slapi_mods_add_string(smods, LDAP_MOD_REPLACE,
+ "krbPasswordExpiration", timestr);
/* change Last Password Change field with the current date */
if (!gmtime_r(&(pwdop->pwdata.timeNow), &utctime)) {
LOG_FATAL("failed to parse current date (buggy gmtime_r ?)\n");
@@ -876,10 +883,6 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
"%Y%m%d%H%M%SZ", &utctime);
slapi_mods_add_string(smods, LDAP_MOD_REPLACE,
"krbLastPwdChange", timestr);
- strftime(timestr, GENERALIZED_TIME_LENGTH+1,
- "%Y%m%d%H%M%SZ", &utctime);
- slapi_mods_add_string(smods, LDAP_MOD_REPLACE,
- "krbPasswordExpiration", timestr);
}
slapi_value_free(&ipahost);