Description of problem:
ipa password policy: the history size feature is not working in current build

here is the short version of my test, for full test output, please check the
first bug comment
0. env setup: set pwpolicy global policy to: history=3 & minlife=0
1. create a test user with initial password
2. kinit as this user, change password to "redhat001"
3. change password to "redhat002"
4. change password to "redhat003"
5. change password to "redhat004"
6. == here comes the test:
6.1 change password to "redhat003" the one used last time
==> test result: password change failed as expected, test pass
6.2 change password to "redhat002", the one used 2 times before
==> test result: password change success, this is not expected, test failed


Version-Release number of selected component (if applicable):
[yi@banana (RH6.3-i386) ipa-password] rpm -qa | grep ipa-server
ipa-server-selinux-2.2.0-8.el6.i686
ipa-server-2.2.0-8.el6.i686
[yi@banana (RH6.3-i386) ipa-password] rpm -qi ipa-server-2.2.0-8.el6.i686
Name        : ipa-server                   Relocations: (not relocatable)
Version     : 2.2.0                             Vendor: Red Hat, Inc.
Release     : 8.el6                         Build Date: Wed 04 Apr 2012
11:23:43 AM PDT
Install Date: Fri 06 Apr 2012 09:21:02 AM PDT      Build Host:
x86-001.build.bos.redhat.com
Group       : System Environment/Base       Source RPM: ipa-2.2.0-8.el6.src.rpm
Size        : 3729365                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://www.freeipa.org/
Summary     : The IPA authentication server
Description :
IPA is an integrated solution to provide centrally managed Identity (machine,
user, virtual machines, groups, authentication credentials), Policy
(configuration settings, access control information) and Audit (events,
logs, analysis thereof). If you are installing an IPA server you need
to install this package (in other words, most people should NOT install
this package).