75b08040ff
- temporarily bundling the krb5-appl package (split upstream as of 1.8)
until its package review is complete
- profile.d scriptlets are now only needed by -workstation-clients
- adjust paths in init scripts
- drop upstreamed fix for KDC denial of service (CVE-2010-0283)
- drop patch to check the user's password correctly using crypt(), which
isn't a code path we hit when we're using PAM
18 lines
810 B
Diff
18 lines
810 B
Diff
Don't warn of expiration reported the new way if it's more than a week from
|
|
now, for consistency with the code that handles expiration times reported the
|
|
old way.
|
|
|
|
diff -up krb5-1.8/src/lib/krb5/krb/gic_pwd.c.exp_warn krb5-1.8/src/lib/krb5/krb/gic_pwd.c
|
|
--- krb5-1.8/src/lib/krb5/krb/gic_pwd.c.exp_warn 2010-03-05 11:04:10.000000000 -0500
|
|
+++ krb5-1.8/src/lib/krb5/krb/gic_pwd.c 2010-03-05 11:04:10.000000000 -0500
|
|
@@ -407,7 +407,8 @@ cleanup:
|
|
delta / 86400, ts);
|
|
/* ignore an error here */
|
|
/* PROMPTER_INVOCATION */
|
|
- (*prompter)(context, data, 0, banner, 0, 0);
|
|
+ if (delta < 86400 * 7)
|
|
+ (*prompter)(context, data, 0, banner, 0, 0);
|
|
}
|
|
}
|
|
}
|