From 5e689f8d61eff1c4f5173592c8310aeae11cc164 Mon Sep 17 00:00:00 2001 From: Noriko Hosoi Date: Jan 21 2016 00:57:47 +0000 Subject: Ticket #48394 - lower password history minimum to 1 Description: Per request, lower the minimum value of the kept password history from 2 to 1 for both Global password policy as well as for Fine-grained password policy. https://fedorahosted.org/389/ticket/48394 Reviewed by firstyear@redhat.com (Thank you, William!!) --- diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c index 94098bf..51fd2b4 100644 --- a/ldap/servers/slapd/libglobs.c +++ b/ldap/servers/slapd/libglobs.c @@ -3078,10 +3078,10 @@ config_set_pw_inhistory( const char *attrname, char *value, char *errorbuf, int errno = 0; history = strtol(value, &endp, 10); - if ( *endp != '\0' || errno == ERANGE || history < 2 || history > 24 ) { + if ( *endp != '\0' || errno == ERANGE || history < 1 || history > 24 ) { PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "password history length \"%s\" is invalid. " - "The password history must range from 2 to 24", + "The password history must range from 1 to 24", value ); retVal = LDAP_OPERATIONS_ERROR; return retVal; diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c index 28d3055..7465e1e 100644 --- a/ldap/servers/slapd/modify.c +++ b/ldap/servers/slapd/modify.c @@ -85,7 +85,7 @@ static struct attr_value_check { {CONFIG_PW_WARNING_ATTRIBUTE, check_pw_duration_value, 0, -1}, {CONFIG_PW_MINLENGTH_ATTRIBUTE, attr_check_minmax, 2, 512}, {CONFIG_PW_MAXFAILURE_ATTRIBUTE, attr_check_minmax, 1, 32767}, - {CONFIG_PW_INHISTORY_ATTRIBUTE, attr_check_minmax, 2, 24}, + {CONFIG_PW_INHISTORY_ATTRIBUTE, attr_check_minmax, 1, 24}, {CONFIG_PW_LOCKDURATION_ATTRIBUTE, check_pw_duration_value, -1, -1}, {CONFIG_PW_RESETFAILURECOUNT_ATTRIBUTE, check_pw_resetfailurecount_value, -1, -1}, {CONFIG_PW_GRACELIMIT_ATTRIBUTE, attr_check_minmax, 0, -1},