freeipa/ipaclient
Florence Blanc-Renaud f1b2d8ab36 ipa otptoken-sync: return error when sync fails
The command ipa otptoken-sync does not properly handle
errors happening during the synchronization step.

- Even if an error is detected (such as invalid password
provided), the command exits with return code = 0. An
error message is displayed but the exit code should be 1.

- When an invalid token is provided, the token is not
synchronized but the error is not reported back to the
ipa otptoken-sync command.

The first issue can be fixed by raising an exception when
the HTTP response contains an header with an error.
The second issue is fixed by returning LDAP_INVALID_CREDENTIALS
to ldap bind with the sync control if synchronization fails.

Fixes: https://pagure.io/freeipa/issue/9248

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2022-09-29 07:58:44 -04:00
..
install Defer creating the final krb5.conf on clients 2022-09-26 08:48:42 +02:00
plugins ipa otptoken-sync: return error when sync fails 2022-09-29 07:58:44 -04:00
remote_plugins pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
__init__.py Split ipa-client/ into ipaclient/ (Python library) and client/ (C, scripts) 2016-01-27 12:09:02 +01:00
__main__.py Use entry_points for ipa CLI 2017-04-11 13:29:50 +02:00
discovery.py Unify access to FQDN 2020-10-26 17:11:19 +11:00
frontend.py pylint: Skip unused-private-member for property case 2022-03-11 13:37:08 -05:00
Makefile.am Build: Makefiles for Python packages 2016-11-09 13:08:32 +01:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Remove support for csrgen 2021-01-21 13:51:45 +01:00