diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-01 10:48:06 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-01 12:18:18 -0400 |
commit | b0b9c38dfce3e3ccbfaa4d00fdf2ea08a70d41a6 (patch) | |
tree | 1c34695796df9744f9aeac9172bef15dbbe9ecf5 | |
parent | 83a7d6767035a09099c58838a42fd10516c92063 (diff) | |
download | sssd-b0b9c38dfce3e3ccbfaa4d00fdf2ea08a70d41a6.tar.gz sssd-b0b9c38dfce3e3ccbfaa4d00fdf2ea08a70d41a6.tar.bz2 sssd-b0b9c38dfce3e3ccbfaa4d00fdf2ea08a70d41a6.zip |
Allow LDAP to decide when an expiration warning is warranted
Previously, we were only displaying expiration warnings if the
password was going to expire within a day. We'll allow LDAP to
make this decision (by whether it passes us the expiration time).
In the future, we can add an option to clamp this down to a
shorter period if the local admin prefers it.
-rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 3c9d7600..7fcf9854 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -409,9 +409,10 @@ static errno_t filter_responses(struct confdb_ctx *cdb, } memcpy(&expire_warn, resp->data + sizeof(uint32_t), sizeof(uint32_t)); - if(expire_warn > pam_expiration_warning * (60 * 60 * 24)) { - resp->do_not_send_to_client = true; - } + /* TODO: Add an option to limit the display of the + * expiration warning to a specified number of + * days (e.g. 14) + */ break; default: DEBUG(7, ("User info type [%d] not filtered.\n")); |