+2005-10-12 Tom Yu <tlyu@mit.edu>
+
+ * misc.h, misc.c (schpw_util_wrapper): Rename from
+ chpass_util_wrapper to make functionality a little more obvious.
+
+ * schpw.c (process_chpw_request): Update for rename of
+ chpass_util_wrapper.
+
+ * misc.c (randkey_principal_wrapper_3, schpw_util_wrapper)
+ (chpass_principal_wrapper_3): Update for check_min_life.
+
+ * misc.h, misc.c (check_min_life): Change to take return error
+ string from KADM5_PASS_TOOSOON, adapted from patch from Shawn
+ Emery.
+
2005-08-20 Ken Raeburn <raeburn@mit.edu>
* kadm_rpc_svc.c, server_stubs.c: Rename all RPC functions from
{
kadm5_ret_t ret;
- ret = check_min_life(server_handle, principal);
+ ret = check_min_life(server_handle, principal, NULL, 0);
if (ret)
return ret;
{
kadm5_ret_t ret;
- ret = check_min_life(server_handle, principal);
+ ret = check_min_life(server_handle, principal, NULL, 0);
if (ret)
return ret;
return kadm5_randkey_principal_3(server_handle, principal,
}
kadm5_ret_t
-chpass_util_wrapper(void *server_handle, krb5_principal princ,
- char *new_pw, char **ret_pw,
- char *msg_ret, unsigned int msg_len)
+schpw_util_wrapper(void *server_handle, krb5_principal princ,
+ char *new_pw, char **ret_pw,
+ char *msg_ret, unsigned int msg_len)
{
kadm5_ret_t ret;
- ret = check_min_life(server_handle, princ);
+ ret = check_min_life(server_handle, princ, msg_ret, msg_len);
if (ret)
return ret;
}
kadm5_ret_t
-check_min_life(void *server_handle, krb5_principal principal)
+check_min_life(void *server_handle, krb5_principal principal,
+ char *msg_ret, unsigned int msg_len)
{
krb5_int32 now;
kadm5_ret_t ret;
kadm5_principal_ent_rec princ;
kadm5_server_handle_t handle = server_handle;
+ if (msg_ret != NULL)
+ *msg_ret = '\0';
+
ret = krb5_timeofday(handle->context, &now);
if (ret)
return ret;
}
if((now - princ.last_pwd_change) < pol.pw_min_life &&
!(princ.attributes & KRB5_KDB_REQUIRES_PWCHANGE)) {
+ if (msg_ret != NULL) {
+ time_t until;
+ char *time_string, *ptr, *errstr;
+
+ until = princ.last_pwd_change + pol.pw_min_life;
+
+ time_string = ctime(&until);
+ errstr = error_message(CHPASS_UTIL_PASSWORD_TOO_SOON);
+
+ if (strlen(errstr) + strlen(time_string) >= msg_len) {
+ *errstr = '\0';
+ } else {
+ if (*(ptr = &time_string[strlen(time_string)-1]) == '\n')
+ *ptr = '\0';
+ sprintf(msg_ret, errstr, time_string);
+ }
+ }
+
(void) kadm5_free_policy_ent(handle->lhandle, &pol);
(void) kadm5_free_principal_ent(handle->lhandle, &princ);
return KADM5_PASS_TOOSOON;
krb5_keyblock **keys, int *n_keys);
kadm5_ret_t
-chpass_util_wrapper(void *server_handle, krb5_principal princ,
- char *new_pw, char **ret_pw,
- char *msg_ret, unsigned int msg_len);
+schpw_util_wrapper(void *server_handle, krb5_principal princ,
+ char *new_pw, char **ret_pw,
+ char *msg_ret, unsigned int msg_len);
-kadm5_ret_t check_min_life(void *server_handle, krb5_principal principal);
+kadm5_ret_t check_min_life(void *server_handle, krb5_principal principal,
+ char *msg_ret, unsigned int msg_len);
kadm5_ret_t kadm5_get_principal_v1(void *server_handle,
krb5_principal principal,
memcpy(ptr, clear.data, clear.length);
ptr[clear.length] = '\0';
- ret = chpass_util_wrapper(server_handle, ticket->enc_part2->client,
- ptr, NULL, strresult, sizeof(strresult));
+ ret = schpw_util_wrapper(server_handle, ticket->enc_part2->client,
+ ptr, NULL, strresult, sizeof(strresult));
/* zap the password */
memset(clear.data, 0, clear.length);