diff options
| -rw-r--r-- | src/providers/ldap/ldap_auth.c | 30 | ||||
| -rw-r--r-- | src/tests/cmocka/test_ldap_auth.c | 4 |
2 files changed, 8 insertions, 26 deletions
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index 42899fd0..6ee570bb 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -83,36 +83,18 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now, struct pam_data *pd, int pwd_exp_warning) { - char *end; - struct tm tm; time_t expire_time; int expiration_warning; int ret = ERR_INTERNAL; - memset(&tm, 0, sizeof(tm)); - - end = strptime(expire_date, "%Y%m%d%H%M%SZ", &tm); - if (end == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, - "Kerberos expire date [%s] invalid.\n", expire_date); - return EINVAL; - } - if (*end != '\0') { - DEBUG(SSSDBG_CRIT_FAILURE, - "Kerberos expire date [%s] contains extra characters.\n", - expire_date); - return EINVAL; - } - - expire_time = mktime(&tm); - if (expire_time == -1) { - DEBUG(SSSDBG_CRIT_FAILURE, - "mktime failed to convert [%s].\n", expire_date); - return EINVAL; + ret = sss_utc_to_time_t(expire_date, "%Y%m%d%H%M%SZ", + &expire_time); + if (ret != EOK) { + DEBUG(SSSDBG_MINOR_FAILURE, "sss_utc_to_time_t failed with %d:%s.\n", + ret, sss_strerror(ret)); + return ret; } - tzset(); - expire_time -= timezone; DEBUG(SSSDBG_TRACE_ALL, "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] " "daylight [%d] now [%ld] expire_time [%ld].\n", tzname[0], diff --git a/src/tests/cmocka/test_ldap_auth.c b/src/tests/cmocka/test_ldap_auth.c index 814178eb..925fb0fa 100644 --- a/src/tests/cmocka/test_ldap_auth.c +++ b/src/tests/cmocka/test_ldap_auth.c @@ -58,11 +58,11 @@ static void test_pwexpire_krb(void **state) ret = check_pwexpire_policy(type, (void*) tc->invalid_longer_format, NULL, 0); - assert_true(ret == EINVAL); + assert_true(ret == ERR_TIMESPEC_NOT_SUPPORTED); ret = check_pwexpire_policy(type, (void*) tc->invalid_format, NULL, 0); - assert_true(ret == EINVAL); + assert_true(ret == ERR_TIMESPEC_NOT_SUPPORTED); ret = check_pwexpire_policy(type, (void*) tc->past_time, NULL, 0); |