On Sat, May 01, 2021 at 05:31:44PM +0200, Michael Ströder wrote: > HI! > > slapo-ppolicy in OpenLDAP 2.5 shows slightly different behaviour in > python-ldap0 tests (see test output below). > > Tests: > https://gitlab.com/ae-dir/python-ldap0/-/blob/master/tests/test_ppolicy.py > > When working with Ondřej for solving ITS#9279 I finally "fixed" ldap0 > tests to accomodate the behaviour of OpenLDAP 2.4.x. I did not feel > comfortable back then because it was not clear to me whether it was the > correct fix. > > Do you have any tests you could run against 2.4 and 2.5 to verify > whether both have same behaviour? > > Ciao, Michael. > > ====================================================================== > FAIL: test003_ppolicy_grace_logins (tests.test_ppolicy.TestPPolicy) > ---------------------------------------------------------------------- > Traceback (most recent call last): > File "/home/michael/Proj/ae-dir/python-ldap0/tests/test_ppolicy.py", > line 235, in test003_ppolicy_grace_logins > self.assertEqual( > AssertionError: 'Password expired! 1 grace logins left.' != 'Password > expired! 2 grace logins left.' > - Password expired! 1 grace logins left. > ? ^ > + Password expired! 2 grace logins left. > ? ^
Does the count reported match the wording of the draft in section 6.2? """ The graceAuthNsRemaining warning specifies the remaining number of times a user will be allowed to authenticate with an expired password. """ If not, please reopen ITS#7596 with a test case. Thanks, -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP
