389-ds-base

Clone
Source Code
GIT

7498972 Ticket 47753 - Add switch to disable pre-hashed password checking

6 files Authored by nkinder 9 years ago, Committed by nhosoi 9 years ago,
raw patch tree parent
6 files changed. 41 lines added. 2 lines removed.
ldap/ldif/template-dse.ldif.in
file modified
+1 -0
ldap/schema/01core389.ldif
file modified
+1 -0
ldap/servers/slapd/libglobs.c
file modified
+32 -0
ldap/servers/slapd/proto-slap.h
file modified
+2 -0
ldap/servers/slapd/pw.c
file modified
+3 -2
ldap/servers/slapd/slap.h
file modified
+2 -0 
    Ticket 47753 - Add switch to disable pre-hashed password checking
    
    By default, 389 DS doesn't allow pre-hashed passwords to be set by
    anyone other than Directory Manager. This privilege can be delegated
    to other users by adding them to the Password Administrators group.
    This works fine for most cases, but there are cases where one might
    want to allow anyone to set pre-hashed passwords. An example is the
    FreeIPA project, who has their own SLAPI plug-in that controls
    pre-hashed password checking. We should add a switch to completely
    disable pre-hashed password checking to support this case.
    
    https://fedorahosted.org/389/ticket/47753
    
    Reviewed by mreynolds@redhat.com
    (cherry picked from commit ab6438901fd1481ceceb40d6dff8935ac656dc04)
file modified
+1 -0
file modified
+1 -0
file modified
+32 -0
file modified
+2 -0
file modified
+3 -2
file modified
+2 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.