Julien Rische 35e94bee0e ipa-kdb: do not remove keys for hardened auth-enabled users ...

Since 5d51ae5, principal keys were dropped in case user auth indicator
was not including password. Thereafter, the key removal behavior was
removed by 15ff9c8 in the context of the kdcpolicy plugin introduction.
Support for hardened pre-auth methods (FAST and SPAKE) was added in
d057040, and the removal of principal keys was restored afterwards by
f0d12b7, but not taking the new hardened auth indicator into account.

Fixes: https://pagure.io/freeipa/issue/9065
Related to: https://pagure.io/freeipa/issue/8001

Signed-off-by: Julien Rische <jrische@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Francisco Trivino <ftrivino@redhat.com>

2022-02-02 15:42:45 +01:00

..

dnssec

dnssec: concurrency issue when disabling old replica key

2021-03-09 16:52:38 +01:00

ipa-kdb

ipa-kdb: do not remove keys for hardened auth-enabled users

2022-02-02 15:42:45 +01:00

ipa-otpd

ipa-otpd: handle LDAP timeout in a better way

2021-04-23 11:13:36 +03:00

ipa-sam

ipa-sam: return NetBIOS domain name instead of DNS one

2021-02-02 09:41:00 +02:00

ipa-slapi-plugins

Fix use of comparison functions to avoid GCC bug 95189

2021-11-23 10:31:34 +01:00

ipa-version.h.in

Build: move version handling from Makefile to configure

2016-11-09 13:08:32 +01:00

Makefile.am

build: Unify compiler warning flags used

2021-01-15 14:11:56 +01:00