[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: ppolicy module limited to catching 1 login failure per second?
- To: "'Michael Ströder'" <michael@stroeder.com>, <openldap-technical@openldap.org>
- Subject: RE: ppolicy module limited to catching 1 login failure per second?
- From: "Paul B. Henson" <henson@acm.org>
- Date: Mon, 28 Apr 2014 18:39:25 -0700
- Content-language: en-us
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:from:to:references:in-reply-to:subject:date:message-id :mime-version:content-type:content-transfer-encoding:thread-index :content-language; bh=CZ1a16BNlrKmbUIXc4Or/wTxrIuqWoSAhBTC3CnC6dA=; b=YEvYf0T2mNsf4Pj1HYC1PtDYNm0hC2IbqP3on6f33PoG2fhsiYu03RdFDkyhEsYa8L AAjX+CPio6Pg80OzCe1srF2NaWh9wq29igACtN0n5JzZcctZdLvZsPCusSUASBWWVhcQ tLufRT3awjyg9NuJi11NvALPhceJnDadZG/4ox+y3u9SrTd9H12gbptK8ToORT5XamPW 4NHzdKeMbHUj8zsa5vAyLevk0ekfBWp0iejgjQuOMBDUp3UNtFDaaJleCf8vDBoqFRe7 SgJ0r/DyWCOAjShK0jg/x5o9eEJW165zTa1j0Bs3E+XquPv/kHVZhc+2GpM4Kfu8LOTz izSg==
- In-reply-to: <535DF3A4.7090305@stroeder.com>
- References: <20140428022906.GB1541@bender.unx.csupomona.edu> <535DF3A4.7090305@stroeder.com>
- Thread-index: AQJS8PhT3TjveoAv5NrFem4m5Q1vagJg93pRmg2s9YA=
> From: Michael Ströder
> Sent: Sunday, April 27, 2014 11:22 PM
>
> Yes, there's already an ITS present for that:
>
> http://www.openldap.org/its/index.cgi?findid=7161
Hmm, I see that was opened over two years ago and as of yet still has no
response :(.
It would appear the generalized time syntax the attribute is defined as
supports fractional seconds, and in the draft RFC I don't see any specific
requirement that the timestamp be at a per second granularity as opposed to
hundreds of a second or thousands of a second. I will need to go review the
actual code to see if this is something more complicated than it would
initially appear, but I think at this point I'm going to try to fix this
myself. Hopefully such an enhancement would be accepted into the official
version.
Thanks?