[Freeipa-devel] [PATCH] Fix some password policy checking issues
Simo Sorce
ssorce at redhat.com
Mon Apr 7 14:11:46 UTC 2008
On Mon, 2008-04-07 at 09:42 -0400, Rob Crittenden wrote:
> Simo Sorce wrote:
> > Check provided password != old password
> > Limit the history also based on the length defined in the policy
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Freeipa-devel mailing list
> > Freeipa-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/freeipa-devel
>
> In two places you have this:
>
> /* if shorter than GENERALIZED_TIME_LENGTH, it
> * is garbage, we never set timeless entries */
>
> Should this be logged?
No, it is just an extreme paranoia check, it should never happen, but as
it may affect ordering if it does, I want to make sure we cover the very
unlikely case (I should also check the 15 bytes actually do represent a
date to be honest).
> Otherwise ack.
Ok, I'll push.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list