This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.0 in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.0 by this push: new b6df377 Issue 50529 - LDAP server returning PWP controls in different sequence b6df377 is described below
commit b6df3771047da5e4fe73f4d7715c006e3906770b Author: Mark Reynolds mreynolds@redhat.com AuthorDate: Fri Aug 2 12:07:07 2019 -0400
Issue 50529 - LDAP server returning PWP controls in different sequence
Description: The server returns password policy controls in different orders depending on the state of grace logins. The requested control, if any, should be returned first, followed by any controls the server might add.
relates: https://pagure.io/389-ds-base/issue/50529
Reviewed by: mreynolds (one line commit rule) --- ldap/servers/slapd/pw_mgmt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c index befac50..ca76fc1 100644 --- a/ldap/servers/slapd/pw_mgmt.c +++ b/ldap/servers/slapd/pw_mgmt.c @@ -207,10 +207,10 @@ skip:
/* password expired and user exceeded limit of grace attemps. * Send result and also the control */ - slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0); if (pwresponse_req) { slapi_pwpolicy_make_response_control(pb, -1, -1, LDAP_PWPOLICY_PWDEXPIRED); } + slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0); slapi_send_ldap_result(pb, LDAP_INVALID_CREDENTIALS, NULL, "password expired!", 0, NULL);
389-commits@lists.fedoraproject.org