https://bugzilla.redhat.com/show_bug.cgi?id=204626 Resolves: bug 204626 Bug Description: The password syntax checking is still performed against pre-hashed passwords. In addition, we are allowing anyone to store pre-hashed passwords, which we should not do when syntax checking is enabled since it allows one to override the syntax rules. Reviewed by: ??? Files: see diff Branch: HEAD Fix Description: This patch simply checks if a password is pre-hashed in the password syntax checking code. It will reject a pre-hashed password if syntax checking is enabled, with the exception of replicated operations and those initiated by the root DN. The non-rejected cases will not be subject to syntax checking. Platforms tested: F9 Flag Day: no Doc impact: yes. A note about pre-hashed passwords not being allowed when using password syntax checking needs to be added. https://bugzilla.redhat.com/attachment.cgi?id=329221&action=diff -- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
