7274.m #21
Closed
7274.m #21
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alanking
force-pushed
the
7274.m
branch
2 times, most recently
from
cb2cfbd
to
9d34ffd
Compare
This adds tests for iadmin set_grid_configuration to make sure that various invalid inputs are being handled appropriately.
Adds a list of grid configuration namespaces and option names which are not allowed to be modified via set_grid_configuration API. Any namespace which has an option name of empty string means that the entire namespace is protected. This change also adds a check for a given namespace/option_name modification attempt to return an appropriate error if it is not found. This is to notify the administrator that the namespace/option_name they attempted to update does not exist (whether this is due to a typo, an update, or otherwise).
This change adds a new namespace to the R_GRID_CONFIGURATION table in the database for pam_password. The configuration values which were set in the server_config plugin_configuration/authentication/pam_password stanza are now to be set here. These can be configured with the iadmin set_pam_password_config subcommand and queried using iadmin get_pam_password_config.
Authentication configurations in the database now use grid configurations instead of server_config. These are stored in the database and so incur an additional query whenever they are needed. As such, the auth configs are static and have been given the ability to mark themselves as initialized in order to avoid duplicating the queries.
Adds a function which randomly generates an alphanumeric character and concatenates a string which is returned to the user. Unit tests included.
The randomly generated passwords used with PAM authentication are not guaranteed to be of a certain size, including having any contents at all whatsoever. This is due to the fact that the function used to randomly generate bytes for the string may generate all characters which fall outside the acceptable range. Furthermore, the acceptable range of characters does not include all alphanumeric characters, but only the set [1-8B-Yb-y]. This change uses a new function which properly generates a string of alphanumeric characters of the specified length. Due to restrictions in password length for native authentication, the password cannot exceed MAX_PASSWORD_LEN - 8 in length.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.