On 5/4/21 9:47 AM, Ondřej Kuzník wrote:
> On Sat, May 01, 2021 at 05:31:44PM +0200, Michael Ströder wrote:
>> slapo-ppolicy in OpenLDAP 2.5 shows slightly different behaviour in
>> python-ldap0 tests (see test output below).
>> [..]
>> AssertionError: 'Password expired! 1 grace logins left.' != 'Password
>> expired! 2 grace logins left.'
>
> Does the count reported match the wording of the draft in section 6.2?
> [..]
> If not, please reopen ITS#7596 with a test case.
Thanks for pointing out ITS#7596. I've now updated my test to match the
new behaviour when running on OpenLDAP 2.5.
Still I have failures in my draft-vchu-ldap-pwd-policy tests (see
below). These might be related to ITS#9279, though I'm not sure. Any
changes in this area?
Ciao, Michael.
======================================================================
FAIL: test001_pwdpolicy_expiration (tests.test_ppolicy.TestPwdPolicy)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/michael/Proj/ae-dir/python-ldap0/tests/test_ppolicy.py",
line 287, in test001_pwdpolicy_expiration
self.assertIsInstance(bind_res.ctrls[0], PasswordExpiringControl)
AssertionError: <ldap0.controls.pwdpolicy.PasswordExpiredControl object
at 0x7f3066e5a9a0> is not an instance of <class
'ldap0.controls.pwdpolicy.PasswordExpiringControl'>
======================================================================
FAIL: test002_pwdpolicy_expired (tests.test_ppolicy.TestPwdPolicy)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/michael/Proj/ae-dir/python-ldap0/tests/test_ppolicy.py",
line 308, in test002_pwdpolicy_expired
l.simple_bind_s(self.user_dn, user_password.encode('utf-8'))
AssertionError: INVALID_CREDENTIALS not raised
