nss-pam-ldapd branch master updated. 0.9.11-2-gfea0f5e

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>
To: nss-pam-ldapd-commits [at] lists.arthurdejong.org
Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org, nss-pam-ldapd-commits [at] lists.arthurdejong.org
Subject: nss-pam-ldapd branch master updated. 0.9.11-2-gfea0f5e
Date: Sun, 13 Oct 2019 17:32:57 +0200 (CEST)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "nss-pam-ldapd".

The branch, master has been updated
       via  fea0f5ed287b04406afca0835b1a333bd1fe617b (commit)
      from  1025d5de336d8c9585b79df3154b5649da344281 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://arthurdejong.org/git/nss-pam-ldapd/commit/?id=fea0f5ed287b04406afca0835b1a333bd1fe617b

commit fea0f5ed287b04406afca0835b1a333bd1fe617b
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Sun Oct 13 17:24:36 2019 +0200

    Add pam_authc_ppolicy support in pynslcd
    
    See https://bugs.debian.org/900253

diff --git a/pynslcd/cfg.py b/pynslcd/cfg.py
index 877d442..b970b5a 100644
--- a/pynslcd/cfg.py
+++ b/pynslcd/cfg.py
@@ -87,6 +87,7 @@ nss_nested_groups = False
 nss_getgrent_skipmembers = False
 nss_disable_enumeration = False
 validnames = re.compile(r'^[a-z0-9._@$][a-z0-9._@$ 
\\~-]{0,98}[a-z0-9._@$~-]$', re.IGNORECASE)
+pam_authc_ppolicy = True
 pam_authz_searches = []
 pam_password_prohibit_message = None
 reconnect_invalidate = set()
@@ -184,7 +185,7 @@ def read(filename):  # noqa: C901 (many simple branches)
         # parse options with a single boolean argument
         m = re.match(
             
r'(?P<keyword>referrals|nss_nested_groups|nss_getgrent_skipmembers|'
-            r'nss_disable_enumeration)\s+(?P<value>%s)' % (
+            r'nss_disable_enumeration|pam_authc_ppolicy)\s+(?P<value>%s)' % (
                 '|'.join(_boolean_options.keys())),
             line, re.IGNORECASE)
         if m:
diff --git a/pynslcd/pam.py b/pynslcd/pam.py
index b372cdd..5f5486b 100644
--- a/pynslcd/pam.py
+++ b/pynslcd/pam.py
@@ -42,8 +42,10 @@ def authenticate(binddn, password):
     # open a new connection
     conn = search.Connection()
     # bind using the specified credentials
-    pwctrl = PasswordPolicyControl()
-    res, data, msgid, ctrls = conn.simple_bind_s(binddn, password, 
serverctrls=[pwctrl])
+    serverctrls = []
+    if cfg.pam_authc_ppolicy:
+        serverctrls.append(PasswordPolicyControl())
+    res, data, msgid, ctrls = conn.simple_bind_s(binddn, password, 
serverctrls=serverctrls)
     # go over bind result server controls
     for ctrl in ctrls:
         if ctrl.controlType == PasswordPolicyControl.controlType:

-----------------------------------------------------------------------

Summary of changes:
 pynslcd/cfg.py | 3 ++-
 pynslcd/pam.py | 6 ++++--
 2 files changed, 6 insertions(+), 3 deletions(-)


hooks/post-receive
-- 
nss-pam-ldapd

nss-pam-ldapd branch master updated. 0.9.11-2-gfea0f5e, Commits of the nss-pam-ldapd project

Prev by Date: nss-pam-ldapd branch master updated. 0.9.11-1-g1025d5d
Next by Date: nss-pam-ldapd branch master updated. 0.9.11-3-g548efe5
Previous by thread: nss-pam-ldapd branch master updated. 0.9.11-1-g1025d5d
Next by thread: nss-pam-ldapd branch master updated. 0.9.11-3-g548efe5