From 7a9301c5f93f7f87dcfb66c8cf42e70f2d8ab897 Mon Sep 17 00:00:00 2001
From: Pavel Březina <pbrezina@redhat.com>
Date: Sep 22 2021 07:36:39 +0000
Subject: kdb: fix typo in ipa_kdcpolicy_check_as


Reviewed-By: Rob Crittenden <rcritten@redhat.com>

---

diff --git a/daemons/ipa-kdb/ipa_kdb_kdcpolicy.c b/daemons/ipa-kdb/ipa_kdb_kdcpolicy.c
index aa61a2d..a8ac883 100644
--- a/daemons/ipa-kdb/ipa_kdb_kdcpolicy.c
+++ b/daemons/ipa-kdb/ipa_kdb_kdcpolicy.c
@@ -88,7 +88,7 @@ ipa_kdcpolicy_check_as(krb5_context context, krb5_kdcpolicy_moddata moddata,
     }
 
     ua = ied->user_auth;
-    
+
     /* If no mechanisms are set, allow every auth method */
     if (ua == IPADB_USER_AUTH_NONE) {
         jitter(ONE_DAY_SECONDS, lifetime_out);
@@ -128,7 +128,7 @@ ipa_kdcpolicy_check_as(krb5_context context, krb5_kdcpolicy_moddata moddata,
             valid_auth_indicators++;
             /* Allow hardened even if only password pre-auth is allowed */
             if (!(ua & (IPADB_USER_AUTH_HARDENED | IPADB_USER_AUTH_PASSWORD))) {
-                *status = "Password pre-authentication not not allowed for this user.";
+                *status = "Password pre-authentication not allowed for this user.";
                 kerr = KRB5KDC_ERR_POLICY;
                 goto done;
             }