krb5/krb5-1.8-exp_warn.patch
Nalin Dahyabhai 75b08040ff - update to 1.8
- temporarily bundling the krb5-appl package (split upstream as of 1.8)
    until its package review is complete
- profile.d scriptlets are now only needed by -workstation-clients
- adjust paths in init scripts
- drop upstreamed fix for KDC denial of service (CVE-2010-0283)
- drop patch to check the user's password correctly using crypt(), which
    isn't a code path we hit when we're using PAM
2010-03-05 22:19:38 +00:00

18 lines
810 B
Diff

Don't warn of expiration reported the new way if it's more than a week from
now, for consistency with the code that handles expiration times reported the
old way.
diff -up krb5-1.8/src/lib/krb5/krb/gic_pwd.c.exp_warn krb5-1.8/src/lib/krb5/krb/gic_pwd.c
--- krb5-1.8/src/lib/krb5/krb/gic_pwd.c.exp_warn 2010-03-05 11:04:10.000000000 -0500
+++ krb5-1.8/src/lib/krb5/krb/gic_pwd.c 2010-03-05 11:04:10.000000000 -0500
@@ -407,7 +407,8 @@ cleanup:
delta / 86400, ts);
/* ignore an error here */
/* PROMPTER_INVOCATION */
- (*prompter)(context, data, 0, banner, 0, 0);
+ if (delta < 86400 * 7)
+ (*prompter)(context, data, 0, banner, 0, 0);
}
}
}