From: Greg Hudson Date: Fri, 21 Jan 2011 05:00:53 +0000 (+0000) Subject: Fix edge case in LDAP last_admin_unlock processing X-Git-Tag: krb5-1.10-alpha1~613 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=49204ef76a83dcc3e8f6f152980562b8ce5433e0;p=krb5.git Fix edge case in LDAP last_admin_unlock processing In the LDAP KDB module, set appropriate flags when zeroing entry->fail_auth_count due to an administrative unlock. ticket: 6849 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24601 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/plugins/kdb/ldap/libkdb_ldap/lockout.c b/src/plugins/kdb/ldap/libkdb_ldap/lockout.c index 509c692e6..a218dc7e0 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/lockout.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/lockout.c @@ -196,6 +196,7 @@ krb5_ldap_lockout_audit(krb5_context context, entry->last_failed <= unlock_time) { /* Reset fail_auth_count after administrative unlock. */ entry->fail_auth_count = 0; + entry->mask |= KADM5_FAIL_AUTH_COUNT; } if (failcnt_interval != 0 &&