freeipa

Clone
Source Code
GIT

4cc94cd ipa otptoken-sync: return error when sync fails

2 files Authored by frenaud 2 years ago, Committed by rcritten 2 years ago,
raw patch tree parent
2 files changed. 11 lines added. 5 lines removed.
daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c
file modified
+3 -0
ipaclient/plugins/otptoken.py
file modified
+8 -5 
    ipa otptoken-sync: return error when sync fails
    
    The command ipa otptoken-sync does not properly handle
    errors happening during the synchronization step.
    
    - Even if an error is detected (such as invalid password
    provided), the command exits with return code = 0. An
    error message is displayed but the exit code should be 1.
    
    - When an invalid token is provided, the token is not
    synchronized but the error is not reported back to the
    ipa otptoken-sync command.
    
    The first issue can be fixed by raising an exception when
    the HTTP response contains an header with an error.
    The second issue is fixed by returning LDAP_INVALID_CREDENTIALS
    to ldap bind with the sync control if synchronization fails.
    
    Fixes: https://pagure.io/freeipa/issue/9248
    
    Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
    Reviewed-By: Rob Crittenden <rcritten@redhat.com>
file modified
+3 -0
file modified
+8 -5
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.