amoralej / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 years ago
Clone

Blame SOURCES/0061-Ticket-49080-shadowExpire-should-not-be-a-calculated.patch

723150
From 50b73af8729b6753c71ba6206632561b5974523d Mon Sep 17 00:00:00 2001
723150
From: Noriko Hosoi <nhosoi@redhat.com>
723150
Date: Wed, 11 Jan 2017 14:14:40 -0800
723150
Subject: [PATCH 61/67] Ticket #49080 - shadowExpire should not be a calculated
723150
 value
723150
723150
Description: Reverting the changes made on shadowExpire in the ticket 548.
723150
723150
Thanks to Gordon Messmer (gordon.messmer@gmail.com) for providing the original patch.
723150
723150
Reviewed by William Brown <wibrown@redhat.com> (Thanks!!).
723150
723150
(cherry picked from commit 14eb192b0f99ae3d811fd8a5bb40713bc85ea533)
723150
(cherry picked from commit 2ca12fc5b79dbbb8889eba6da7b4ce59cd6cb86d)
723150
---
723150
 ldap/servers/slapd/pw.c | 29 +++++------------------------
723150
 1 file changed, 5 insertions(+), 24 deletions(-)
723150
723150
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
723150
index 6f02f90..ce1ca2a 100644
723150
--- a/ldap/servers/slapd/pw.c
723150
+++ b/ldap/servers/slapd/pw.c
723150
@@ -2803,7 +2803,6 @@ add_shadow_ext_password_attrs(Slapi_PBlock *pb, Slapi_Entry **e)
723150
     const char *dn = NULL;
723150
     passwdPolicy *pwpolicy = NULL;
723150
     long long shadowval = 0;
723150
-    long long exptime = 0;
723150
     Slapi_Mods *smods = NULL;
723150
     LDAPMod **mods;
723150
     long long sval;
723150
@@ -2811,7 +2810,6 @@ add_shadow_ext_password_attrs(Slapi_PBlock *pb, Slapi_Entry **e)
723150
     char *shmin = NULL;
723150
     char *shmax = NULL;
723150
     char *shwarn = NULL;
723150
-    char *shexp = NULL;
723150
     int rc = 0;
723150
 
723150
     if (!e || !*e) {
723150
@@ -2861,7 +2859,6 @@ add_shadow_ext_password_attrs(Slapi_PBlock *pb, Slapi_Entry **e)
723150
     /* shadowMax - the maximum number of days for which the user password remains valid. */
723150
     if (pwpolicy->pw_maxage > 0) {
723150
         shadowval = pwpolicy->pw_maxage / _SEC_PER_DAY;
723150
-        exptime = time_plus_sec(current_time(), pwpolicy->pw_maxage);
723150
         if (shadowval > _MAX_SHADOW) {
723150
             shadowval = _MAX_SHADOW;
723150
         }
723150
@@ -2903,22 +2900,6 @@ add_shadow_ext_password_attrs(Slapi_PBlock *pb, Slapi_Entry **e)
723150
         shwarn = slapi_ch_smprintf("%lld", shadowval);
723150
     }
723150
 
723150
-    /* shadowExpire - the date on which the user login will be disabled. */
723150
-    if (exptime) {
723150
-        shexp = slapi_entry_attr_get_charptr(*e, "shadowExpire");
723150
-        exptime /= _SEC_PER_DAY;
723150
-        if (shexp) {
723150
-            sval = strtoll(shexp, NULL, 0);
723150
-            if (sval != exptime) {
723150
-                slapi_ch_free_string(&shexp);
723150
-                shexp = slapi_ch_smprintf("%lld", exptime);
723150
-                mod_num++;
723150
-            }
723150
-        } else {
723150
-            mod_num++;
723150
-            shexp = slapi_ch_smprintf("%lld", exptime);
723150
-        }
723150
-    }
723150
     smods = slapi_mods_new();
723150
     slapi_mods_init(smods, mod_num);
723150
     if (shmin) {
723150
@@ -2933,10 +2914,6 @@ add_shadow_ext_password_attrs(Slapi_PBlock *pb, Slapi_Entry **e)
723150
         slapi_mods_add(smods, LDAP_MOD_REPLACE, "shadowWarning", strlen(shwarn), shwarn);
723150
         slapi_ch_free_string(&shwarn);
723150
     }
723150
-    if (shexp) {
723150
-        slapi_mods_add(smods, LDAP_MOD_REPLACE, "shadowExpire", strlen(shexp), shexp);
723150
-        slapi_ch_free_string(&shexp);
723150
-    }
723150
     /* Apply the  mods to create the resulting entry. */
723150
     mods = slapi_mods_get_ldapmods_byref(smods);
723150
     if (mods) {
723150
@@ -2947,11 +2924,15 @@ add_shadow_ext_password_attrs(Slapi_PBlock *pb, Slapi_Entry **e)
723150
     }
723150
     slapi_mods_free(&smods);
723150
 
723150
-#if 0 /* These 2 attributes are no need (or not able) to auto-fill. */
723150
+#if 0 /* These 3 attributes are no need (or not able) to auto-fill. */
723150
     /* 
723150
      * shadowInactive - the number of days of inactivity allowed for the user.
723150
      * Password Policy does not have the corresponding parameter.
723150
      * 
723150
+     * shadowExpire - the number of days since Jan 1, 1970 after which the
723150
+     * account, not the password, will expire.  This is not affected by the
723150
+     * Password Policy.
723150
+     * 
723150
      * shadowFlag - not currently in use.
723150
      */
723150
 #endif
723150
-- 
723150
2.9.3
723150