oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Add require-pwchange flag to HDB and honour it if present in mit-db:.

Browse Source
This commit is contained in:
Roland C. Dowdeswell
2012-02-27 10:19:54 +00:00
parent 91f2de8d1a
commit 0da84c0c3a
5 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/kadm5/get_s.c
View File

@@ -161,6 +161,7 @@ kadm5_s_get_principal(void *server_handle,
out->attributes |= ent.entry.flags.proxiable ? 0 : KRB5_KDB_DISALLOW_PROXIABLE;
out->attributes |= ent.entry.flags.invalid ? KRB5_KDB_DISALLOW_ALL_TIX : 0;
out->attributes |= ent.entry.flags.require_preauth ? KRB5_KDB_REQUIRES_PRE_AUTH : 0;
out->attributes |= ent.entry.flags.require_pwchange ? KRB5_KDB_REQUIRES_PWCHANGE : 0;
out->attributes |= ent.entry.flags.server ? 0 : KRB5_KDB_DISALLOW_SVR;
out->attributes |= ent.entry.flags.change_pw ? KRB5_KDB_PWCHANGE_SERVICE : 0;
out->attributes |= ent.entry.flags.ok_as_delegate ? KRB5_KDB_OK_AS_DELEGATE : 0;