[Freeipa-devel] [PATCH] #1814 Enforce old password requirement in ldappasswd operations
Simo Sorce
simo at redhat.com
Fri Sep 16 21:30:17 UTC 2011
Although we were properly checking that the user successfully
authenticated (either through a password bind or a GSSAPI bind) we were
not enforcing the requirement to provide us with the old password, and
this is better security hygiene.
Fixes: https://fedorahosted.org/freeipa/ticket/1814
Tested and works for me.
Properly requires old password for self password changes. Do not require
it for admin password changes.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-ipa-pwd-extop-Enforce-old-password-checks.patch
Type: text/x-patch
Size: 3547 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110916/bf0e579e/attachment.bin>
More information about the Freeipa-devel
mailing list