mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-30 13:30:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

ITS#7596 Report correct number of grace authentications left

Browse Source
This commit is contained in:
Ondřej Kuzník 2021-02-23 14:31:41 +00:00 committed by Quanah Gibson-Mount
parent 3925b8e009
commit d1799a5023
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
servers/slapd/overlays/ppolicy.c
View File

@ -703,7 +703,7 @@ create_passcontrol( Operation *op, int exptime, int grace, LDAPPasswordPolicyErr
}
ber_printf( ber, "tO", PPOLICY_WARNING, &bv );
ch_free( bv.bv_val );
} else if ( grace > 0 ) {
} else if ( grace >= 0 ) {
ber_init2( b2, NULL, LBER_USE_DER );
ber_printf( b2, "ti", PPOLICY_GRACE, grace );
rc = ber_flatten2( b2, &bv, 1 );
@ -1658,8 +1658,10 @@ grace:
Debug( LDAP_DEBUG_ANY,
"ppolicy_bind: Entry %s has an expired password: %d grace logins\n",
e->e_name.bv_val, ngut );
if (ngut < 1) {
ngut--;
if (ngut < 0) {
ppb->pErr = PP_passwordExpired;
rs->sr_err = LDAP_INVALID_CREDENTIALS;
goto done;