From fc5628d72fb6ac69086d8c1ae1c738bebea7cbe7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Fri, 19 Dec 2008 19:50:50 +0000 Subject: [PATCH] add krb5_init_creds_prompt_expire and use git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24219 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/krb5/init_creds_pw.c | 50 +++++++++++++++++++++++----------------- 1 file changed, 29 insertions(+), 21 deletions(-) diff --git a/lib/krb5/init_creds_pw.c b/lib/krb5/init_creds_pw.c index 4b3a17031..d4a173e08 100644 --- a/lib/krb5/init_creds_pw.c +++ b/lib/krb5/init_creds_pw.c @@ -215,17 +215,21 @@ report_expiration (krb5_context context, */ static void -print_expire (krb5_context context, - krb5_const_realm realm, - EncKDCRepPart *enc_part, - krb5_prompter_fct prompter, - krb5_data *data) +krb5_init_creds_prompt_expire (Krb5_context context, + krb5_init_creds_context ctx) { - int i; - LastReq *lr = &enc_part->last_req; + krb5_const_realm realm; + LastReq *lr; + krb5_boolean reported = FALSE; krb5_timestamp sec; time_t t; - krb5_boolean reported = FALSE; + size_t i; + + if (ctx->prompter == NULL) + return; + + realm = krb5_principal_get_realm (context, ctx->cred.client); + lr = &ctx->enc_part.last_req; krb5_timeofday (context, &sec); @@ -238,13 +242,15 @@ print_expire (krb5_context context, if (lr->val[i].lr_value <= t) { switch (abs(lr->val[i].lr_type)) { case LR_PW_EXPTIME : - report_expiration(context, prompter, data, + report_expiration(context, ctx->prompter, + ctx->prompter_data, "Your password will expire at ", lr->val[i].lr_value); reported = TRUE; break; case LR_ACCT_EXPTIME : - report_expiration(context, prompter, data, + report_expiration(context, ctx->prompter, + ctx->prompter_data, "Your account will expire at ", lr->val[i].lr_value); reported = TRUE; @@ -254,11 +260,12 @@ print_expire (krb5_context context, } if (!reported - && enc_part->key_expiration - && *enc_part->key_expiration <= t) { - report_expiration(context, prompter, data, + && ctx->enc_part.key_expiration + && *ctx->enc_part.key_expiration <= t) { + report_expiration(context, ctx->prompter, + ctx->prompter_data, "Your password/account will expire at ", - *enc_part->key_expiration); + *ctx->enc_part.key_expiration); } } @@ -1655,13 +1662,6 @@ krb5_init_creds_get(krb5_context context, krb5_init_creds_context ctx) } - if (ctx->prompter) - print_expire(context, - krb5_principal_get_realm (context, ctx->cred.client), - &ctx->enc_part, - ctx->prompter, - ctx->prompter_data); - out: if (stctx) krb5_sendto_ctx_free(context, stctx); @@ -1727,6 +1727,10 @@ krb5_get_init_creds_password(krb5_context context, } ret = krb5_init_creds_get(context, ctx); + + if (ret == 0) + krb5_init_creds_prompt_expire(context, ctx); + if (ret == KRB5KDC_ERR_KEY_EXPIRED && chpw == 0) { char buf[1024]; @@ -1793,6 +1797,8 @@ krb5_get_init_creds_keyblock(krb5_context context, ret = krb5_init_creds_get(context, ctx); + if (ret == 0) + krb5_init_creds_prompt_expire(context, ctx); out: if (ret == 0) @@ -1835,6 +1841,8 @@ krb5_get_init_creds_keytab(krb5_context context, goto out; ret = krb5_init_creds_get(context, ctx); + if (ret == 0) + krb5_init_creds_prompt_expire(context, ctx); out: if (ret == 0)