On 5/4/21 9:47 AM, Ondřej Kuzník wrote:
On Sat, May 01, 2021 at 05:31:44PM +0200, Michael Ströder wrote:
slapo-ppolicy in OpenLDAP 2.5 shows slightly different behaviour in python-ldap0 tests (see test output below). [..] AssertionError: 'Password expired! 1 grace logins left.' != 'Password expired! 2 grace logins left.'
Does the count reported match the wording of the draft in section 6.2? [..] If not, please reopen ITS#7596 with a test case.
Thanks for pointing out ITS#7596. I've now updated my test to match the new behaviour when running on OpenLDAP 2.5.
Still I have failures in my draft-vchu-ldap-pwd-policy tests (see below). These might be related to ITS#9279, though I'm not sure. Any changes in this area?
Ciao, Michael.
====================================================================== FAIL: test001_pwdpolicy_expiration (tests.test_ppolicy.TestPwdPolicy) ---------------------------------------------------------------------- Traceback (most recent call last): File "/home/michael/Proj/ae-dir/python-ldap0/tests/test_ppolicy.py", line 287, in test001_pwdpolicy_expiration self.assertIsInstance(bind_res.ctrls[0], PasswordExpiringControl) AssertionError: <ldap0.controls.pwdpolicy.PasswordExpiredControl object at 0x7f3066e5a9a0> is not an instance of <class 'ldap0.controls.pwdpolicy.PasswordExpiringControl'>
====================================================================== FAIL: test002_pwdpolicy_expired (tests.test_ppolicy.TestPwdPolicy) ---------------------------------------------------------------------- Traceback (most recent call last): File "/home/michael/Proj/ae-dir/python-ldap0/tests/test_ppolicy.py", line 308, in test002_pwdpolicy_expired l.simple_bind_s(self.user_dn, user_password.encode('utf-8')) AssertionError: INVALID_CREDENTIALS not raised