Password prompt routine in krb5_get_init_creds_password

Greg Hudson ghudson at MIT.EDU
Mon Jun 10 10:33:36 EDT 2013

On 06/10/2013 10:16 AM, Arpit Srivastava wrote:
> krb5_prompter(krb5_context ctx, void *data, const char *name, const char
> *banner, int num_prompts,   krb5_prompt prompts[])
> When password is about to expire, what would be the value of num_prompts ?
> (As per my observation its more than one)

There are a couple of prompter invocations relative to password expiry.

If the password has already expired and the library wants to change it,
it will invoke the prompter with two prompts (num_prompts == 2), one for
"Enter new password" and the other for "Enter it again".
krb5_get_prompt_types() will return an array containing

If the library simply wants to warn the caller about impending expiry,
and there is no special-purpose callback set for this, the library will
invoke the prompter with a banner and no prompts at all (num_prompts == 0).

More information about the krbdev mailing list