Error messages from krb5_set_password
Greg Hudson
ghudson at MIT.EDU
Thu Feb 14 22:49:58 EST 2013
On 02/14/2013 07:00 PM, Jonathan Reams wrote:
> After upgrading from krb5-1.9.4 to krb5-1.11, our password sync plugin
> started showing "Password change failed" for all our
> password synchronizations, even though testing shows that password changes
> succeed. Between these two versions, it looks like this function changed
> how it gets the value of result_code_string, and that the
> new krb5_chpw_result_code_string function has no value for success
By "this function" you mean krb5_set_password?
In 1.9, the result code string could be obtained using
krb5_chpw_result_code_string or krb5int_setpw_result_code_string. The
former didn't have a string value for 0 (just as it doesn't now), but
the latter did. In 1.10, the value is always obtained using
krb5_chpw_result_code_string.
> Does that make sense?
I will push the patch. Historically, we've been inconsistent about
supplying a meaningful result_code_string when result_code is 0, but
there's no good reason not to do so.
More information about the krbdev
mailing list