[Freeipa-devel] [PATCHES] Password caching related patches
Simo Sorce
ssorce at redhat.com
Mon May 18 13:33:25 UTC 2009
On Mon, 2009-05-18 at 11:59 +0200, Sumit Bose wrote:
> Simo Sorce schrieb:
> > The following set of patches is not strictly related but they are
> > somewhat interdependent.
> >
> > Feel free to ack/nack and comment individually.
> >
> > 0001 Fix the crypt functions.
> > - make them *not* use static buffers, that's just plain wrong
> > - fix indentation where possible
> > - fix naming so that exported functions do not have too generic names
> > that may conflict (name space)
>
> ACK
>
> >
> > 0002 Prevents accepting a blank password
> > - I think we can all agree that allowing blank passwords is not a good
> > idea, however if someone feels strongly about allowing no password
> > logins we should probably make a patch that looks up the individual user
> > record and read an attribute where the specific user is allowed toi use
> > blank passwords (IMHO)
> >
>
> ACK
>
> > 0003 Split ldap backend
> > - mostly so that each single file is easily digestible but also so that
> > in theory you can mix and match (ldap user + krb pwd or local user +
> > ldap pwd, etc...)
> >
>
> the changes from commit c051ec69a66f3d5c6ae611262ed639c31f93e88e are
> missing this means that offline support does not work
>
> > 0004 Move password caching decision into backends
> > - this is so that backends can have better control (per user
> > caching/other more complex stuff)
> >
>
> see above
>
Attached a new patch that replaces 0003.
0004 applies cleanly on top, so please ack or nack on its own value.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Split-ldap-backend-into-auth-and-identity-files.patch
Type: text/x-patch
Size: 75640 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090518/af998f3e/attachment.bin>
More information about the Freeipa-devel
mailing list