mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
221768f882
The command ipa otptoken-sync does not properly handle errors happening during the synchronization step. - Even if an error is detected (such as invalid password provided), the command exits with return code = 0. An error message is displayed but the exit code should be 1. - When an invalid token is provided, the token is not synchronized but the error is not reported back to the ipa otptoken-sync command. The first issue can be fixed by raising an exception when the HTTP response contains an header with an error. The second issue is fixed by returning LDAP_INVALID_CREDENTIALS to ldap bind with the sync control if synchronization fails. Fixes: https://pagure.io/freeipa/issue/9248 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>