[Date Prev][Date Next]
Re: Ppolicy overlay password checking module
A pair days ago I finished the same.
And it works ...
/* Allocate */
message = (char *)malloc(sizeof(char) * (strlen(retmsg)+1));
A comment on style: The C language spec defines sizeof(char) == 1. Explicitly
multiplying by "sizeof(char)" in C code is redundant, distracting, and confusing.
It would have been better just to use strdup() here.
/* Copy the contents of the string. */
Only my returned error message slapd shows in log file and doesn't
forward to client.
That is by design. These errors are only meant for system administrators to
view. Passing them back to the client would allow an attacker to discover the
policy, and assist in password cracking attempts.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/