<html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <div class="moz-cite-prefix">On 11/04/2014 05:17 PM, Nathaniel McCallum wrote: </div> <blockquote cite="mid:1415117855.3318.3.camel@redhat.com" type="cite"> <pre wrap="">On Wed, 2014-10-29 at 09:34 -0400, Nathaniel McCallum wrote: </pre> <blockquote type="cite"> <pre wrap="">On Wed, 2014-10-29 at 12:21 +0100, Petr Viktorin wrote: </pre> <blockquote type="cite"> <pre wrap="">On 10/29/2014 10:37 AM, Martin Kosek wrote: </pre> <blockquote type="cite"> <pre wrap="">On 10/28/2014 09:59 PM, Nathaniel McCallum wrote: </pre> <blockquote type="cite"> <pre wrap="">On Thu, 2014-10-23 at 18:07 -0400, Nathaniel McCallum wrote: </pre> <blockquote type="cite"> <pre wrap="">This patch gives the administrator variables to control the size of the authentication and synchronization windows for OTP tokens. <a class="moz-txt-link-freetext" href="https://fedorahosted.org/freeipa/ticket/4511">https://fedorahosted.org/freeipa/ticket/4511</a> NOTE: There is one known issue with this patch which I don't know how to solve. This patch changes the schema in install/share/60ipaconfig.ldif. On an upgrade, all of the new attributeTypes appear correctly. However, the modifications to the pre-existing objectClass do not show up on the server. What am I doing wrong? After modifying ipaGuiConfig manually, everything in this patch works just fine. </pre> </blockquote> <pre wrap=""> This new version takes into account the new (proper) OIDs and attribute names. </pre> </blockquote> <pre wrap=""> Thanks Nathaniel! </pre> <blockquote type="cite"> <pre wrap="">The above known issue still remains. </pre> </blockquote> <pre wrap=""> Petr3, any idea what could have gone wrong? ObjectClass MAY list extension should work just fine, AFAIK. </pre> </blockquote> <pre wrap=""> You added a blank line to the LDIF file. This is an entry separator, so the objectClasses after the blank line don't belong to cn=schema, so they aren't considered in the update. Without the blank line it works fine. </pre> </blockquote> <pre wrap=""> Thanks for the catch! Here is a version without the blank line. </pre> </blockquote> <pre wrap=""> I forgot to remove the old steps defines. This patch performs this cleanup. </pre> <fieldset class="mimeAttachmentHeader"></fieldset> <pre wrap="">_______________________________________________ Freeipa-devel mailing list <a class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a> <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre> </blockquote> Hello Nathaniel, <blockquote>Few comments on the review: <ul> <li>in authcfg</li> <ul> <li>in string_to_types, I would prefer you set the last element of 'map' to { NULL, 0 }.</li> <li>in entry_to_window, you may declare the 'defaults' array as 'static const'</li> <li>Would use define for "ipaUserAuthType","ipaHOTPAuthWindow", "ipaTOTPAuthWindow", "ipaHOTPSyncWindow","ipaTOTPSyncWindow" that are present multiple times</li> <li>suffix_to_config: cfg is set (and returned) calling entry_to_config(entry). Now the entry_to_config returns a structure on the stack so it is not valid to access outside of the entry_to_config</li> <li> authcfg_fini free the configs. config->cfg should have been allocated and must be freed (be care that configs->cfg may contains DEFAULTS)</li> <li>authcfg_get_auth_types:322 should it return 'gbl' or AUTHCFG_AUTH_TYPE_PASSWORD</li> <li>authcfg_get_auth_window/authcfg_get_sync_window returns a window structure that is on the stack. It is not valid outside of those functions</li> </ul> </ul> thanks thierry </blockquote> </body> </html>