oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

add nob for [kadmin]allow_self_change_password

Browse Source
This commit is contained in:
Love Hörnquist Åstrand
2011-07-30 12:34:40 -07:00
parent 0ed83cebd3
commit 63672067ea
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
kadmin/server.c
View File

@@ -235,14 +235,17 @@ kadmind_dispatch(void *kadm_handlep, krb5_boolean initial,
/* /*
* The change is allowed if at least one of: * The change is allowed if at least one of:
*
* a) it's for the principal him/herself and this was an * a) allowed by sysadmin
* b) it's for the principal him/herself and this was an
* initial ticket, but then, check with the password quality * initial ticket, but then, check with the password quality
* function. * function.
* b) the user is on the CPW ACL. * c) the user is on the CPW ACL.
*/ */
if (initial if (krb5_config_get_bool_default(contextp->context, NULL, TRUE,
"kadmin", "allow_self_change_password", NULL)
&& initial
&& krb5_principal_compare (contextp->context, contextp->caller, && krb5_principal_compare (contextp->context, contextp->caller,
princ)) princ))
{ {