* misc.h, misc.c (schpw_util_wrapper): Rename from
authorTom Yu <tlyu@mit.edu>
Wed, 12 Oct 2005 04:09:19 +0000 (04:09 +0000)
committerTom Yu <tlyu@mit.edu>
Wed, 12 Oct 2005 04:09:19 +0000 (04:09 +0000)
chpass_util_wrapper to make functionality a little more obvious.

* schpw.c (process_chpw_request): Update for rename of
chpass_util_wrapper.

* misc.c (randkey_principal_wrapper_3, schpw_util_wrapper)
(chpass_principal_wrapper_3): Update for check_min_life.

* misc.h, misc.c (check_min_life): Change to take return error
string from KADM5_PASS_TOOSOON, adapted from patch from Shawn
Emery.

ticket: 3092
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17417 dc483132-0cff-0310-8789-dd5450dbe970

src/kadmin/server/ChangeLog
src/kadmin/server/misc.c
src/kadmin/server/misc.h
src/kadmin/server/schpw.c

index e461f74cabd0403cd42bfa455e21b0f51f604e60..a84ddc8f03ebea43b483517519f6021acfde4632 100644 (file)
@@ -1,3 +1,18 @@
+2005-10-12  Tom Yu  <tlyu@mit.edu>
+
+       * misc.h, misc.c (schpw_util_wrapper): Rename from
+       chpass_util_wrapper to make functionality a little more obvious.
+
+       * schpw.c (process_chpw_request): Update for rename of
+       chpass_util_wrapper.
+
+       * misc.c (randkey_principal_wrapper_3, schpw_util_wrapper) 
+       (chpass_principal_wrapper_3): Update for check_min_life.
+
+       * misc.h, misc.c (check_min_life): Change to take return error
+       string from KADM5_PASS_TOOSOON, adapted from patch from Shawn
+       Emery.
+
 2005-08-20  Ken Raeburn  <raeburn@mit.edu>
 
        * kadm_rpc_svc.c, server_stubs.c: Rename all RPC functions from
index fb9c3a54183baee2ed274fa6e99dd50c484da29f..c623e55bd96ee41b0de34d504f3e440efa1ab5d7 100644 (file)
@@ -43,7 +43,7 @@ chpass_principal_wrapper_3(void *server_handle,
 {
     kadm5_ret_t                        ret;
 
-    ret = check_min_life(server_handle, principal);
+    ret = check_min_life(server_handle, principal, NULL, 0);
     if (ret)
         return ret;
 
@@ -86,7 +86,7 @@ randkey_principal_wrapper_3(void *server_handle,
 {
     kadm5_ret_t                        ret;
 
-    ret = check_min_life(server_handle, principal);
+    ret = check_min_life(server_handle, principal, NULL, 0);
     if (ret)
         return ret;
     return kadm5_randkey_principal_3(server_handle, principal,
@@ -95,13 +95,13 @@ randkey_principal_wrapper_3(void *server_handle,
 }
 
 kadm5_ret_t
-chpass_util_wrapper(void *server_handle, krb5_principal princ,
-                   char *new_pw, char **ret_pw,
-                   char *msg_ret, unsigned int msg_len)
+schpw_util_wrapper(void *server_handle, krb5_principal princ,
+                  char *new_pw, char **ret_pw,
+                  char *msg_ret, unsigned int msg_len)
 {
     kadm5_ret_t ret;
 
-    ret = check_min_life(server_handle, princ);
+    ret = check_min_life(server_handle, princ, msg_ret, msg_len);
     if (ret)
        return ret;
 
@@ -111,7 +111,8 @@ chpass_util_wrapper(void *server_handle, krb5_principal princ,
 }
 
 kadm5_ret_t
-check_min_life(void *server_handle, krb5_principal principal)
+check_min_life(void *server_handle, krb5_principal principal,
+              char *msg_ret, unsigned int msg_len)
 {
     krb5_int32                 now;
     kadm5_ret_t                        ret;
@@ -119,6 +120,9 @@ check_min_life(void *server_handle, krb5_principal principal)
     kadm5_principal_ent_rec    princ;
     kadm5_server_handle_t      handle = server_handle;
 
+    if (msg_ret != NULL)
+       *msg_ret = '\0';
+
     ret = krb5_timeofday(handle->context, &now);
     if (ret)
        return ret;
@@ -135,6 +139,24 @@ check_min_life(void *server_handle, krb5_principal principal)
        }
        if((now - princ.last_pwd_change) < pol.pw_min_life &&
           !(princ.attributes & KRB5_KDB_REQUIRES_PWCHANGE)) {
+           if (msg_ret != NULL) {
+               time_t until;
+               char *time_string, *ptr, *errstr;
+
+               until = princ.last_pwd_change + pol.pw_min_life;
+
+               time_string = ctime(&until);
+               errstr = error_message(CHPASS_UTIL_PASSWORD_TOO_SOON);
+
+               if (strlen(errstr) + strlen(time_string) >= msg_len) {
+                   *errstr = '\0';
+               } else {
+                   if (*(ptr = &time_string[strlen(time_string)-1]) == '\n')
+                       *ptr = '\0';
+                   sprintf(msg_ret, errstr, time_string);
+               }
+           }
+
            (void) kadm5_free_policy_ent(handle->lhandle, &pol);
            (void) kadm5_free_principal_ent(handle->lhandle, &princ);
            return KADM5_PASS_TOOSOON;
index be7a53f66399dd20af9c5b37c962b22a9ff518e6..b519ba079e897299888db4f57bb6bb52ca6014a4 100644 (file)
@@ -20,11 +20,12 @@ randkey_principal_wrapper_3(void *server_handle,
                            krb5_keyblock **keys, int *n_keys);
 
 kadm5_ret_t
-chpass_util_wrapper(void *server_handle, krb5_principal princ,
-                   char *new_pw, char **ret_pw,
-                   char *msg_ret, unsigned int msg_len);
+schpw_util_wrapper(void *server_handle, krb5_principal princ,
+                  char *new_pw, char **ret_pw,
+                  char *msg_ret, unsigned int msg_len);
 
-kadm5_ret_t check_min_life(void *server_handle, krb5_principal principal);
+kadm5_ret_t check_min_life(void *server_handle, krb5_principal principal,
+                          char *msg_ret, unsigned int msg_len);
 
 kadm5_ret_t kadm5_get_principal_v1(void *server_handle,
                                   krb5_principal principal, 
index 90ccba05fa471fd187bd3621b3e45ea424a4e45b..8c676c08ca16067d9f813187ba8e8deff8ee3f0f 100644 (file)
@@ -248,8 +248,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin,
     memcpy(ptr, clear.data, clear.length);
     ptr[clear.length] = '\0';
 
-    ret = chpass_util_wrapper(server_handle, ticket->enc_part2->client,
-                             ptr, NULL, strresult, sizeof(strresult));
+    ret = schpw_util_wrapper(server_handle, ticket->enc_part2->client,
+                            ptr, NULL, strresult, sizeof(strresult));
 
     /* zap the password */
     memset(clear.data, 0, clear.length);