This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch master in repository 389-ds-base.
The following commit(s) were added to refs/heads/master by this push: new 67c7604 Issue 50529 - LDAP server returning PWP controls in different sequence 67c7604 is described below
commit 67c7604b8d0d0ed71394381d0a232466825634f0 Author: Mark Reynolds mreynolds@redhat.com AuthorDate: Fri Aug 2 12:07:07 2019 -0400
Issue 50529 - LDAP server returning PWP controls in different sequence
Description: The server returns password policy controls in different orders depending on the state of grace logins. The requested control, if any, should be returned first, followed by any controls the server might add.
relates: https://pagure.io/389-ds-base/issue/50529
Reviewed by: mreynolds (one line commit rule) --- ldap/servers/slapd/pw_mgmt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c index dd32c31..59b90df 100644 --- a/ldap/servers/slapd/pw_mgmt.c +++ b/ldap/servers/slapd/pw_mgmt.c @@ -204,10 +204,10 @@ skip:
/* password expired and user exceeded limit of grace attemps. * Send result and also the control */ - slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0); if (pwresponse_req) { slapi_pwpolicy_make_response_control(pb, -1, -1, LDAP_PWPOLICY_PWDEXPIRED); } + slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0); slapi_send_ldap_result(pb, LDAP_INVALID_CREDENTIALS, NULL, "password expired!", 0, NULL);
389-commits@lists.fedoraproject.org