kinit with expired password fails, patch

Greg Hudson ghudson at MIT.EDU
Wed Apr 25 12:31:58 EDT 2012

On 04/25/2012 12:24 PM, Russ Allbery wrote:
> This therefore isn't just a problem with password change; it looks like
> any attempted authentication corrupts the context so that no further
> authentication that requires preauth can succeed.

Yuck.  I think we've had this bug for a long time for loadable preauth
modules, but it became a much worse problem in 1.10 when I converted
encrypted timestamp to act more like a loadable module.

We'll definitely fix this in a point release.

More information about the krbdev mailing list