Blame 0001-Ticket-478-passwordTrackUpdateTime-stops-working-wit.patch

From 009fd8c21bb8226766fd84e477fae032ab1741c5 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Fri, 28 Sep 2012 15:00:20 -0400
Subject: [PATCH 1/5] Ticket 478 - passwordTrackUpdateTime stops working with
 subtree password policies
Bug Description:  If you create a subtree/user password policy passwordTrackUpdateTime
                  is not checked, basically turning it off regardless of the setting in
                  cn=config.
Fix Description:  Added a check for passwordTrackUpdateTime in new_passwordPolicy().  Also
                  added this attribute to the schema so you can manually add it to subtree/user
                  password policies.
https://fedorahosted.org/389/ticket/478
Reviewed by: Noriko(Thanks!)
(cherry picked from commit 7ba65b0022b9ecb40baaffbcef8130527028ed8b)
---
 ldap/schema/02common.ldif |    3 ++-
 ldap/servers/slapd/pw.c   |    5 ++++-
 2 files changed, 6 insertions(+), 2 deletions(-)
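diff --git a/ldap/schema/02common.ldif b/ldap/schema/02common.ldif
index c209615..c6cc6b8 100644
--- a/ldap/schema/02common.ldif
+++ b/ldap/schema/02common.ldif
@@ -94,6 +94,7 @@ attributeTypes: ( 2.16.840.1.113730.3.1.2080 NAME ( 'passwordMin8bit' 'pwdMin8bi
 attributeTypes: ( 2.16.840.1.113730.3.1.2081 NAME ( 'passwordMaxRepeats' 'pwdMaxRepeats' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.2082 NAME ( 'passwordMinCategories' 'pwdMinCategories' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.2083 NAME ( 'passwordMinTokenLength' 'pwdMinTokenLength' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2140 NAME ( 'passwordTrackUpdateTime' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.198 NAME 'memberURL' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.199 NAME 'memberCertificateDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.207 NAME 'vlvBase' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
@@ -163,7 +164,7 @@ objectClasses: ( 2.16.840.1.113730.3.2.7 NAME 'nsLicenseUser' DESC 'Netscape def
 objectClasses: ( 2.16.840.1.113730.3.2.1 NAME 'changeLogEntry' DESC 'LDAP changelog objectclass' SUP top MUST ( targetdn $ changeTime $ changenumber $ changeType ) MAY ( changes $ newrdn $ deleteoldrdn $ newsuperior ) X-ORIGIN 'Changelog Internet Draft' )
 objectClasses: ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC 'LDAP referrals objectclass' SUP top MAY ( ref ) X-ORIGIN 'LDAPv3 referrals Internet Draft' )
 objectClasses: ( 2.16.840.1.113730.3.2.12 NAME 'passwordObject' DESC 'Netscape defined password policy objectclass' SUP top MAY ( pwdpolicysubentry $ passwordExpirationTime $ passwordExpWarned $ passwordRetryCount $ retryCountResetTime $ accountUnlockTime $ passwordHistory $ passwordAllowChangeTime $ passwordGraceUserTime ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.13 NAME 'passwordPolicy' DESC 'Netscape defined password policy objectclass' SUP top MAY ( passwordMaxAge $ passwordExp $ passwordMinLength $ passwordKeepHistory $ passwordInHistory $ passwordChange $ passwordWarning $ passwordLockout $ passwordMaxFailure $ passwordResetDuration $ passwordUnlock $ passwordLockoutDuration $ passwordCheckSyntax $ passwordMustChange $ passwordStorageScheme $ passwordMinAge $ passwordResetFailureCount $ passwordGraceLimit $ passwordMinDigits $ passwordMinAlphas $ passwordMinUppers $ passwordMinLowers $ passwordMinSpecials $ passwordMin8bit $ passwordMaxRepeats $ passwordMinCategories $ passwordMinTokenLength ) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.13 NAME 'passwordPolicy' DESC 'Netscape defined password policy objectclass' SUP top MAY ( passwordMaxAge $ passwordExp $ passwordMinLength $ passwordKeepHistory $ passwordInHistory $ passwordChange $ passwordWarning $ passwordLockout $ passwordMaxFailure $ passwordResetDuration $ passwordUnlock $ passwordLockoutDuration $ passwordCheckSyntax $ passwordMustChange $ passwordStorageScheme $ passwordMinAge $ passwordResetFailureCount $ passwordGraceLimit $ passwordMinDigits $ passwordMinAlphas $ passwordMinUppers $ passwordMinLowers $ passwordMinSpecials $ passwordMin8bit $ passwordMaxRepeats $ passwordMinCategories $ passwordMinTokenLength $ passwordTrackUpdateTime ) X-ORIGIN 'Netscape Directory Server' )
 objectClasses: ( 2.16.840.1.113730.3.2.30 NAME 'glue' DESC 'Netscape defined objectclass' SUP top X-ORIGIN 'Netscape Directory Server' )
 objectClasses: ( 2.16.840.1.113730.3.2.32 NAME 'netscapeMachineData' DESC 'Netscape defined objectclass' SUP top X-ORIGIN 'Netscape Directory Server' )
 objectClasses: ( 2.16.840.1.113730.3.2.38 NAME 'vlvSearch' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ vlvBase $ vlvScope $ vlvFilter ) MAY ( multiLineDescription ) X-ORIGIN 'Netscape Directory Server' )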
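diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 93fc899..6f3d436 100644
--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -1625,10 +1625,13 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
 				              "--local policy entry not found\n", dn);
 				goto done;
 			}
-        
+
 			/* set the default passwordLegacyPolicy setting */
 			pwdpolicy->pw_is_legacy = 1;
 
+			/* set passwordTrackUpdateTime */
+			pwdpolicy->pw_track_update_time = slapdFrontendConfig->pw_policy.pw_track_update_time;
+
 			for (slapi_entry_first_attr(pw_entry, &attr); attr;
 					slapi_entry_next_attr(pw_entry, attr, &attr))
 			{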
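Review bot: The new assignment in new_passwdPolicy() only copies the global `slapdFrontendConfig->pw_policy.pw_track_update_time` into the local policy, and nothing visible in this hunk reads `passwordTrackUpdateTime` from `pw_entry`. The schema half of the commit lets an administrator set the attribute on a subtree/user policy, so unless the attribute loop (whose body lies outside the hunk) already has a branch for it, a local value would be silently ignored and the global one would always win. That matters where the password update timestamp feeds auditing or password sync, because a subtree configured to track updates would not do so if cn=config has it off. Please confirm the loop handles the attribute, and make the inheritance explicit in the comment, e.g. `/* default passwordTrackUpdateTime to the cn=config value; a value on the local policy entry overrides it in the loop below */`. The read of `slapdFrontendConfig` is also done without any visible config lock here; presumably that matches how the neighbouring fields are read, but it is worth checking against the rest of the function.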
-- 
1.7.7.6