Fix spurious password expiry warning

r24241 (#6755) introduced a bug where if the KDC sends a LastReq entry
containing an account expiry time, we send a prompter warning for
password expiry even if there was no entry containing a password
expiry time.  Typically, this results in the message "Warning: Your
password will expire in less than one hour on Thu Jan  1 12:00:00
1970".

Fix this by explicitly checking for pw_exp == 0 in warn_pw_expiry()
after we've gotten past the conditional for invoking the callback.

ticket: 7098
target_version: 1.9.4
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25730 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c
index 519196e2275bfd7d8be425afa64deaf4b6322143..40b448d150f59e0732d141bb2a82b9d8099c6dd5 100644 (file)
--- a/src/lib/krb5/krb/gic_pwd.c
+++ b/src/lib/krb5/krb/gic_pwd.c
@@ -168,6 +168,10 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options,
         return;
     }
 
+    /* Don't warn if no password expiry value was sent. */
+    if (pw_exp == 0)
+        return;
+
     /* Don't warn if the password is being changed. */
     if (in_tkt_service && strcmp(in_tkt_service, "kadmin/changepw") == 0)
         return;