[Freeipa-devel] [PATCH] ipa-pwd-extop: allow password change on all connections with SSF>1
Jan Cholasta
jcholast at redhat.com
Tue Oct 4 09:15:04 UTC 2011
On 27.9.2011 10:15, Sumit Bose wrote:
> Hi,
>
> currently the change password plugin does not check if the connection is
> coming from a local LDAPI socket and denies password change requests via
> LDAPI. This patch changes the check to just look at the overall SSF of
> the connection which covers all types of connection.
>
> There is a similar check in ipa_enrollment.c. But I think enrollments via
> LDAPI does not make much sense so it does not need to be changed.
IMHO it should be changed anyway, for the sake of consistency.
>
> This patch should fix https://fedorahosted.org/freeipa/ticket/1877.
>
> bye,
> Sumit
>
The patch has trailing whitespace on lines 20 and 32-35 and needs to be
rebased.
Tested the patch with ldappasswd over ldap/ldaps/ldapi - works as expected.
Honza
--
Jan Cholasta
More information about the Freeipa-devel
mailing list