[Freeipa-devel] [PATCHES] Password caching related patches
Sumit Bose
sbose at redhat.com
Mon May 18 16:02:50 UTC 2009
Simo Sorce schrieb:
> On Mon, 2009-05-18 at 11:59 +0200, Sumit Bose wrote:
>> Simo Sorce schrieb:
>>> The following set of patches is not strictly related but they are
>>> somewhat interdependent.
>>>
>>> Feel free to ack/nack and comment individually.
>>>
>>> 0001 Fix the crypt functions.
>>> - make them *not* use static buffers, that's just plain wrong
>>> - fix indentation where possible
>>> - fix naming so that exported functions do not have too generic names
>>> that may conflict (name space)
>> ACK
>>
>>> 0002 Prevents accepting a blank password
>>> - I think we can all agree that allowing blank passwords is not a good
>>> idea, however if someone feels strongly about allowing no password
>>> logins we should probably make a patch that looks up the individual user
>>> record and read an attribute where the specific user is allowed toi use
>>> blank passwords (IMHO)
>>>
>> ACK
>>
>>> 0003 Split ldap backend
>>> - mostly so that each single file is easily digestible but also so that
>>> in theory you can mix and match (ldap user + krb pwd or local user +
>>> ldap pwd, etc...)
>>>
>> the changes from commit c051ec69a66f3d5c6ae611262ed639c31f93e88e are
>> missing this means that offline support does not work
>>
>>> 0004 Move password caching decision into backends
>>> - this is so that backends can have better control (per user
>>> caching/other more complex stuff)
>>>
>> see above
>>
>
> Attached a new patch that replaces 0003.
> 0004 applies cleanly on top, so please ack or nack on its own value.
>
ACK to 0004
bye,
Sumit
More information about the Freeipa-devel
mailing list