Improved support for password/principal expiration
James F.Hranicky
jfh at cise.ufl.edu
Fri May 2 10:29:44 EDT 2003
On Fri, 2 May 2003 10:02:32 -0400
Raymond M Schneider <ray at securityfoo.net> wrote:
> I seem to recall someone telling me that even though passwd expiration
> notification was broken in the 1.2.* codebase, that it had been fixed
> in the 1.3.* code base? still true?
AFAICT, the bug that prevents notification on the client side has been fixed,
but there's still only one field "key_exp" in struct _krb5_enc_kdc_rep_part
that allows for an expiration date.
do_as_req.c still shows only
reply_encpart.key_exp = client.expiration;
and there's no code setting any field in reply_encpart to the value of
client.pw_expiration .
Jim
More information about the Kerberos
mailing list