From: Tom Yu Date: Thu, 8 Mar 2012 04:32:04 +0000 (+0000) Subject: Fix spurious password expiry warning X-Git-Tag: krb5-1.9.4-final~12 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cddf038be31274c5dab262ea4bbbaa91ca34cd89;p=thirdparty%2Fkrb5.git Fix spurious password expiry warning ------------------------------------------------------------------------ r25730 | ghudson | 2012-03-05 12:35:14 -0500 (Mon, 05 Mar 2012) | 15 lines ticket: 7098 subject: Fix spurious password expiry warning target_version: 1.9.4 tags: pullup r24241 (#6755) introduced a bug where if the KDC sends a LastReq entry containing an account expiry time, we send a prompter warning for password expiry even if there was no entry containing a password expiry time. Typically, this results in the message "Warning: Your password will expire in less than one hour on Thu Jan 1 12:00:00 1970". Fix this by explicitly checking for pw_exp == 0 in warn_pw_expiry() after we've gotten past the conditional for invoking the callback. ticket: 7104 version_fixed: 1.9.4 status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@25748 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index 1fdc814d22..f31c00522c 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -167,6 +167,10 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options, return; } + /* Don't warn if no password expiry value was sent. */ + if (pw_exp == 0) + return; + /* Don't warn if the password is being changed. */ if (in_tkt_service && strcmp(in_tkt_service, "kadmin/changepw") == 0) return;