slapo-ppolicy 2.4 vs. 2.5 - openldap-devel

1 May 2021


      HI!
slapo-ppolicy in OpenLDAP 2.5 shows slightly different behaviour in
python-ldap0 tests (see test output below).
Tests:
https://gitlab.com/ae-dir/python-ldap0/-/blob/master/tests/test_ppolicy.py
When working with Ondřej for solving ITS#9279 I finally "fixed" ldap0
tests to accomodate the behaviour of OpenLDAP 2.4.x. I did not feel
comfortable back then because it was not clear to me whether it was the
correct fix.
Do you have any tests you could run against 2.4 and 2.5 to verify
whether both have same behaviour?
Ciao, Michael.
======================================================================
FAIL: test003_ppolicy_grace_logins (tests.test_ppolicy.TestPPolicy)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/michael/Proj/ae-dir/python-ldap0/tests/test_ppolicy.py",
line 235, in test003_ppolicy_grace_logins
    self.assertEqual(
AssertionError: 'Password expired! 1 grace logins left.' != 'Password
expired! 2 grace logins left.'
- Password expired! 1 grace logins left.
?                   ^
+ Password expired! 2 grace logins left.
?                   ^
======================================================================
FAIL: test001_pwdpolicy_expiration (tests.test_ppolicy.TestPwdPolicy)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/michael/Proj/ae-dir/python-ldap0/tests/test_ppolicy.py",
line 285, in test001_pwdpolicy_expiration
    self.assertIsInstance(bind_res.ctrls[0], PasswordExpiringControl)
AssertionError: <ldap0.controls.pwdpolicy.PasswordExpiredControl object
at 0x7efc9d8ca760> is not an instance of <class
'ldap0.controls.pwdpolicy.PasswordExpiringControl'>
======================================================================
FAIL: test002_pwdpolicy_expired (tests.test_ppolicy.TestPwdPolicy)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/michael/Proj/ae-dir/python-ldap0/tests/test_ppolicy.py",
line 306, in test002_pwdpolicy_expired
    l.simple_bind_s(self.user_dn, user_password.encode('utf-8'))
AssertionError: INVALID_CREDENTIALS not raised