From def2fab7b53b875c2cf9ba7b7d666aa79412352c Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Thu, 18 Mar 2004 10:20:27 +0000 Subject: [PATCH] Added ppolicy_hide_lockout keyword --- servers/slapd/overlays/ppolicy.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c index b8bce27efa..0b68a2b5b7 100644 --- a/servers/slapd/overlays/ppolicy.c +++ b/servers/slapd/overlays/ppolicy.c @@ -40,6 +40,7 @@ /* Per-instance configuration information */ typedef struct pp_info { struct berval def_policy; /* DN of default policy subentry */ + int hide_lockout; /* omit AccountLocked result? */ } pp_info; /* Our per-connection info - note, it is not per-instance, it is @@ -1047,8 +1048,9 @@ ppolicy_bind( Operation *op, SlapReply *rs ) be_entry_release_r( op, e ); if ( rc ) { + pp_info *pi = on->on_bi.bi_private; /* This will be the Draft 8 response, Unwilling is bogus */ - ppb->pErr = PP_accountLocked; + if ( !pi->hide_lockout ) ppb->pErr = PP_accountLocked; send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL ); return rs->sr_err; } @@ -1769,6 +1771,13 @@ ppolicy_config( return 1; } return 0; + } else if ( strcasecmp( argv[0], "ppolicy_hide_lockout" ) == 0 ) { + if ( argc != 1 ) { + fprintf( stderr, "%s: line %d: ppolicy_hide_lockout " + "takes no arguments\n", fname, lineno ); + return ( 1 ); + } + pi->hide_lockout = 1; } return SLAP_CONF_UNKNOWN; } -- 2.39.5