freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Files

Tomas Babej 5d78cdf809 ipa-pwd-extop: Deny LDAP binds for accounts with expired principals

Adds a check for krbprincipalexpiration attribute to pre_bind operation
in ipa-pwd-extop dirsrv plugin. If the principal is expired, auth is
denied and LDAP_UNWILLING_TO_PERFORM along with the error message is
sent back to the client. Since krbprincipalexpiration attribute is not
mandatory, if there is no value set, the check is passed.

https://fedorahosted.org/freeipa/ticket/3305

Reviewed-By: Simo Sorce <simo@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>

2014-05-05 18:50:01 +03:00

common

include <stdint.h> for uintptr_t

2011-09-22 09:42:11 -04:00

ipa-cldap

CLDAP: add unit tests for make_netbios_name

2014-01-23 18:14:23 +01:00

ipa-dns

Remove CFLAGS duplication.

2013-12-06 14:44:41 +01:00

ipa-enrollment

Remove CFLAGS duplication.