This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch master
in repository 389-ds-base.
The following commit(s) were added to refs/heads/master by this push:
new 67c7604 Issue 50529 - LDAP server returning PWP controls in different sequence
67c7604 is described below
commit 67c7604b8d0d0ed71394381d0a232466825634f0
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Fri Aug 2 12:07:07 2019 -0400
Issue 50529 - LDAP server returning PWP controls in different sequence
Description: The server returns password policy controls in different orders
depending on the state of grace logins. The requested control,
if any, should be returned first, followed by any controls the
server might add.
relates:
https://pagure.io/389-ds-base/issue/50529
Reviewed by: mreynolds (one line commit rule)
---
ldap/servers/slapd/pw_mgmt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index dd32c31..59b90df 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -204,10 +204,10 @@ skip:
/* password expired and user exceeded limit of grace attemps.
* Send result and also the control */
- slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0);
if (pwresponse_req) {
slapi_pwpolicy_make_response_control(pb, -1, -1, LDAP_PWPOLICY_PWDEXPIRED);
}
+ slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0);
slapi_send_ldap_result(pb, LDAP_INVALID_CREDENTIALS, NULL,
"password expired!", 0, NULL);
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.