[19172] in Kerberos
Re: Improved support for password/principal expiration
daemon@ATHENA.MIT.EDU (Raymond M Schneider)
Fri May 2 11:23:36 2003
Date: Fri, 2 May 2003 11:26:10 -0400
From: Raymond M Schneider <ray@securityfoo.net>
To: "James F.Hranicky" <jfh@cise.ufl.edu>
Message-ID: <20030502152609.GA25860@securityfoo.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030502102944.6652506a.jfh@cise.ufl.edu>
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
On Fri, May 02, 2003 at 10:29:44AM -0400, James F.Hranicky wrote:
> On Fri, 2 May 2003 10:02:32 -0400
> Raymond M Schneider <ray@securityfoo.net> wrote:
>
> > I seem to recall someone telling me that even though passwd expiration
> > notification was broken in the 1.2.* codebase, that it had been fixed
> > in the 1.3.* code base? still true?
>
> AFAICT, the bug that prevents notification on the client side has been fixed,
> but there's still only one field "key_exp" in struct _krb5_enc_kdc_rep_part
> that allows for an expiration date.
>
right.
> do_as_req.c still shows only
>
> reply_encpart.key_exp = client.expiration;
>
> and there's no code setting any field in reply_encpart to the value of
> client.pw_expiration .
>
right. im with ya.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
