From e3e6d42416491dfdcb9707b7399079972b6ed05b Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Tue, 24 Aug 2010 22:45:37 +0000 Subject: [PATCH] In the LDAP KDB module's populate_krb5_db_entry, fix the checks for the KDB_PRINC_EXPIRE_TIME_ATTR and KDB_PWD_EXPIRE_TIME_ATTR flags so that they properly succeed when the flags are set. Bug report from Rob Crittenden, patch from nalin@redhat.com. ticket: 6762 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24254 dc483132-0cff-0310-8789-dd5450dbe970 --- src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c index 1f3e60e92..e9d50196d 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c @@ -2087,7 +2087,7 @@ populate_krb5_db_entry(krb5_context context, krb5_ldap_context *ldap_context, goto cleanup; if (attr_present == TRUE) { - if ((mask & KDB_PRINC_EXPIRE_TIME_ATTR) == 1) { + if (mask & KDB_PRINC_EXPIRE_TIME_ATTR) { if (expiretime < entry->expiration) entry->expiration = expiretime; } else { @@ -2127,7 +2127,7 @@ populate_krb5_db_entry(krb5_context context, krb5_ldap_context *ldap_context, if ((st=krb5_dbe_lookup_last_pwd_change(context, entry, &last_pw_changed)) != 0) goto cleanup; - if ((mask & KDB_PWD_EXPIRE_TIME_ATTR) == 1) { + if (mask & KDB_PWD_EXPIRE_TIME_ATTR) { if ((last_pw_changed + pw_max_life) < entry->pw_expiration) entry->pw_expiration = last_pw_changed + pw_max_life; } else -- 2.26.2