Don't set the password expiration to the current time

This fixes a regression in the previous patch in ticket #1526.
2025-01-26 16:16:31 -06:00 · 2011-08-01 10:24:21 -04:00 · 2011-08-01 10:24:21 -04:00 · 6f6679e348
commit 6f6679e348
parent d6875b9adc
1 changed files with 14 additions and 11 deletions
--- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
+++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
@ -850,12 +850,6 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
        }
    }

-    /* set Password Expiration date */
-    if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) {
-        LOG_FATAL("failed to parse expiration date (buggy gmtime_r ?)\n");
-        goto done;
-    }
-
    /* Don't set a last password change or expiration on host passwords. 
     * krbLastPwdChange is used to tell whether we have a valid keytab. If we
     * set it on userPassword it confuses enrollment. If krbPasswordExpiration
@ -865,7 +859,20 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
     * ipapwd_setkeytab().
     */
    ipahost = slapi_value_new_string("ipaHost");
-    if (!pwdop->pwdata.target || (slapi_entry_attr_has_syntax_value(pwdop->pwdata.target, SLAPI_ATTR_OBJECTCLASS, ipahost)) == 0) {
+    if (!pwdop->pwdata.target ||
+        (slapi_entry_attr_has_syntax_value(pwdop->pwdata.target,
+                                           SLAPI_ATTR_OBJECTCLASS,
+                                           ipahost)) == 0) {
+
+        /* set Password Expiration date */
+        if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) {
+            LOG_FATAL("failed to parse expiration date (buggy gmtime_r ?)\n");
+            goto done;
+        }
+        strftime(timestr, GENERALIZED_TIME_LENGTH+1,
+                 "%Y%m%d%H%M%SZ", &utctime);
+        slapi_mods_add_string(smods, LDAP_MOD_REPLACE,
+                              "krbPasswordExpiration", timestr);
        /* change Last Password Change field with the current date */
        if (!gmtime_r(&(pwdop->pwdata.timeNow), &utctime)) {
            LOG_FATAL("failed to parse current date (buggy gmtime_r ?)\n");
@ -876,10 +883,6 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
                 "%Y%m%d%H%M%SZ", &utctime);
        slapi_mods_add_string(smods, LDAP_MOD_REPLACE,
                              "krbLastPwdChange", timestr);
-        strftime(timestr, GENERALIZED_TIME_LENGTH+1,
-                 "%Y%m%d%H%M%SZ", &utctime);
-        slapi_mods_add_string(smods, LDAP_MOD_REPLACE,
-                              "krbPasswordExpiration", timestr);
    }
    slapi_value_free(&ipahost);