From 8d606a93f55c6e3a1cd97a7da70b999cbab730c1 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai
Date: Thu, 8 Apr 2010 19:14:31 +0000
Subject: [PATCH] - drop patch to suppress key expiration warnings sent from the KDC in the last-req field, as the KDC is expected to just be configured to either send them or not as a particular key approaches expiration (#556495)
---
 krb5-1.8-exp_warn.patch | 20 --------------------
 krb5.spec | 7 +++++--
 2 files changed, 5 insertions(+), 22 deletions(-)
 delete mode 100644 krb5-1.8-exp_warn.patch
diff --git a/krb5-1.8-exp_warn.patch b/krb5-1.8-exp_warn.patch
deleted file mode 100644
index dbd3966..0000000
--- a/krb5-1.8-exp_warn.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Don't warn of expiration reported the new way if it's more than a week from
-now, for consistency with the code that handles expiration times reported the
-old way. RT#6682 Discussion in RT leans toward following the code intent
-of depending on the to KDC simply not include the new-style information if
-it's above a configured threshold, thus leaving the timing of warnings to the
-KDC administrator.
-
-diff -up krb5-1.8/src/lib/krb5/krb/gic_pwd.c.exp_warn krb5-1.8/src/lib/krb5/krb/gic_pwd.c
---- krb5-1.8/src/lib/krb5/krb/gic_pwd.c.exp_warn 2010-03-05 11:04:10.000000000 -0500
-+++ krb5-1.8/src/lib/krb5/krb/gic_pwd.c 2010-03-05 11:04:10.000000000 -0500
-@@ -407,7 +407,8 @@ cleanup:
- delta / 86400, ts);
- /* ignore an error here */
- /* PROMPTER_INVOCATION */
-- (*prompter)(context, data, 0, banner, 0, 0);
-+ if (delta < 86400 * 7)
-+ (*prompter)(context, data, 0, banner, 0, 0);
- }
- }
- }
diff --git a/krb5.spec b/krb5.spec
index 3d4e80d..9507375 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -46,7 +46,6 @@ Patch63: krb5-1.8-selinux-label.patch
 Patch70: krb5-trunk-kpasswd_tcp2.patch
 Patch71: krb5-1.8-dirsrv-accountlock.patch
 Patch95: krb5-1.8-opte.patch
-Patch96: krb5-1.8-exp_warn.patch
 Patch98: krb5-1.8-kpasswd_ccache.patch
 Patch99: krb5-trunk-kpasswd_ipv6.patch
 Patch100: krb5-trunk-tktlifetime.patch
@@ -186,7 +185,6 @@ ln -s NOTICE LICENSE
 #%patch70 -p0 -b .kpasswd_tcp2
 %patch71 -p1 -b .dirsrv-accountlock
 %patch95 -p1 -b .opte
-%patch96 -p1 -b .exp_warn
 %patch98 -p0 -b .kpasswd-ccache
 %patch99 -p0 -b .kpasswd-ipv6
 %patch100 -p0 -b .tktlifetime
@@ -624,6 +622,11 @@ exit 0
 %{_sbindir}/uuserver
 
 %changelog
+* Thu Apr 8 2010 Nalin Dahyabhai
+- drop patch to suppress key expiration warnings sent from the KDC in
+ the last-req field, as the KDC is expected to just be configured to either
+ send them or not as a particular key approaches expiration (#556495)
+
 * Tue Mar 23 2010 Nalin Dahyabhai - 1.8-5
 - add upstream fix for denial-of-service in SPNEGO (CVE-2010-0628, #576325)
 - kdc.conf: no more need to suggest keeping keys with v4-compatible salting