38f473b96f
bnc#705768,bnc#709747 (forwarded request 77655 from rhafer) OBS-URL: https://build.opensuse.org/request/show/77656 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sssd?expand=0&rev=28
34 lines
1.4 KiB
Diff
34 lines
1.4 KiB
Diff
From d0bf20038fddf5ad296287fb16bc80082088b770 Mon Sep 17 00:00:00 2001
|
|
From: Stephen Gallagher <sgallagh@redhat.com>
|
|
Date: Mon, 1 Aug 2011 10:48:06 -0400
|
|
Subject: Allow LDAP to decide when an expiration warning is warranted
|
|
|
|
Previously, we were only displaying expiration warnings if the
|
|
password was going to expire within a day. We'll allow LDAP to
|
|
make this decision (by whether it passes us the expiration time).
|
|
|
|
In the future, we can add an option to clamp this down to a
|
|
shorter period if the local admin prefers it.
|
|
|
|
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
|
|
index 3c9d760..7fcf985 100644
|
|
--- a/src/responder/pam/pamsrv_cmd.c
|
|
+++ b/src/responder/pam/pamsrv_cmd.c
|
|
@@ -409,9 +409,10 @@ static errno_t filter_responses(struct confdb_ctx *cdb,
|
|
}
|
|
memcpy(&expire_warn, resp->data + sizeof(uint32_t),
|
|
sizeof(uint32_t));
|
|
- if(expire_warn > pam_expiration_warning * (60 * 60 * 24)) {
|
|
- resp->do_not_send_to_client = true;
|
|
- }
|
|
+ /* TODO: Add an option to limit the display of the
|
|
+ * expiration warning to a specified number of
|
|
+ * days (e.g. 14)
|
|
+ */
|
|
break;
|
|
default:
|
|
DEBUG(7, ("User info type [%d] not filtered.\n"));
|
|
--
|
|
1.7.3.4
|
|
|