[Freeipa-devel] [PATCH 0034] Deny LDAP binds for user accounts with expired principal
Alexander Bokovoy
abokovoy at redhat.com
Mon May 5 15:52:55 UTC 2014
On Wed, 30 Apr 2014, Tomas Babej wrote:
>>>> + if (current_time > expire_time && expire_time > 0) {
>>>> + LOG_FATAL("kerberos principal in %s is
>>>> expired\n", dn);
>>>> + errMesg = "Kerberos principal is expired.";
>>>> + auth_failed = true;
>>>> + goto done;
>>>> + }
>>>> + }
>>> I think indenting is broken for these two brackets.
>>>
>>>
>> Thanks Alexander, fixed.
>>
>> Updated version attached.
>>
>> Tomas
>
>This version is rebased on top of OTP patches, addresses Simo's comments
>and brings unit tests to cover the functionality (however, they need to
>be applied on top of my patches 183-185).
Tested, works fine.
I've pushed the main patch to master. The tests will be pushed after the
dependency patches will be pushed.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list