Password prompt routine in krb5_get_init_creds_password
Greg Hudson
ghudson at MIT.EDU
Mon Jun 10 10:33:36 EDT 2013
On 06/10/2013 10:16 AM, Arpit Srivastava wrote:
> krb5_prompter(krb5_context ctx, void *data, const char *name, const char
> *banner, int num_prompts, krb5_prompt prompts[])
>
> When password is about to expire, what would be the value of num_prompts ?
> (As per my observation its more than one)
There are a couple of prompter invocations relative to password expiry.
If the password has already expired and the library wants to change it,
it will invoke the prompter with two prompts (num_prompts == 2), one for
"Enter new password" and the other for "Enter it again".
krb5_get_prompt_types() will return an array containing
KRB5_PROMPT_TYPE_NEW_PASSWORD and KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN.
If the library simply wants to warn the caller about impending expiry,
and there is no special-purpose callback set for this, the library will
invoke the prompter with a banner and no prompts at all (num_prompts == 0).
More information about the krbdev
mailing list