ITS#9156 Implement pwdStartTime and pwdEndTime

diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index f379c0c4f6dea6a468e182209c2d1e96b95d2863..5dc708882412b6ee647c85c148f22bae05114597 100644 (file)
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -507,6 +507,40 @@ account_locked( Operation *op, Entry *e,
 
        assert(mod != NULL);
 
+       if ( (la = attr_find( e->e_attrs, ad_pwdStartTime )) != NULL ) {
+               BerVarray vals = la->a_nvals;
+               time_t then, now = op->o_time;
+
+               /*
+                * Password has a defined start of validity
+                */
+               if ( vals[0].bv_val != NULL ) {
+                       if ( (then = parse_time( vals[0].bv_val )) == (time_t)-1 ) {
+                               return 1;
+                       }
+                       if ( now < then ) {
+                               return 1;
+                       }
+               }
+       }
+
+       if ( (la = attr_find( e->e_attrs, ad_pwdEndTime )) != NULL ) {
+               BerVarray vals = la->a_nvals;
+               time_t then, now = op->o_time;
+
+               /*
+                * Password has a defined end of validity
+                */
+               if ( vals[0].bv_val != NULL ) {
+                       if ( (then = parse_time( vals[0].bv_val )) == (time_t)-1 ) {
+                               return 1;
+                       }
+                       if ( then <= now ) {
+                               return 1;
+                       }
+               }
+       }
+
        if ( !pp->pwdLockout )
                return 0;