[11545] in Kerberos-V5-bugs
[krbdev.mit.edu #6718] SVN Commit
daemon@ATHENA.MIT.EDU (Tom Yu via RT)
Wed May 19 14:52:49 2010
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Tom Yu via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6718@krbdev.mit.edu>
Message-ID: <rt-6718-32830.0.406130203812367@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6718'":;"'AdminCc of krbdev.mit.edu Ticket #6718'":;@MIT.EDU
Date: Wed, 19 May 2010 14:52:47 -0400 (EDT)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
pull up r24002 from trunk
------------------------------------------------------------------------
r24002 | ghudson | 2010-05-10 18:23:57 -0400 (Mon, 10 May 2010) | 14 lines
ticket: 6718
subject: Make KADM5_FAIL_AUTH_COUNT_INCREMENT more robust with LDAP
target_version: 1.8.2
tags: pullup
In krb5_ldap_put_principal, use krb5_get_attributes_mask to determine
whether krbLoginFailedCount existed on the entry when it was
retrieved. If it didn't exist, don't try to use LDAP_MOD_INCREMENT,
and don't assert an old value when not using LDAP_MOD_INCREMENT.
Also, create the krbLoginFailedCount attribute when creating new
entries. This allows us to use LDAP_MOD_INCREMENT during the first
failed login (if the server supports it), avoiding a race condition.
http://src.mit.edu/fisheye/changelog/krb5/?cs=24061
Commit By: tlyu
Revision: 24061
Changed Files:
U branches/krb5-1-8/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
