Hi,
currently we can only present a warning message which in generated inside the MIT Kerberos library to the user if the password is about to expire. But the developers of MIT Kerberos were so nice to add a new API to retrieve the original timestamps (http://k5wiki.kerberos.org/wiki/Projects/Password_expiration_API). It is currently available in the daily development snapshots of MIT Kerberos and should find its way into the 1.9 release.
The attached patch checks if the new API is available and adds a callback to read the password expiration timestamp. As mentioned on the web page there is a small chance that this patch will not display the time when the password expires, but the time when the account expires. I think we can neglect this case.
bye, Sumit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 09/10/2010 09:38 AM, Sumit Bose wrote:
Hi,
currently we can only present a warning message which in generated inside the MIT Kerberos library to the user if the password is about to expire. But the developers of MIT Kerberos were so nice to add a new API to retrieve the original timestamps (http://k5wiki.kerberos.org/wiki/Projects/Password_expiration_API). It is currently available in the daily development snapshots of MIT Kerberos and should find its way into the 1.9 release.
The attached patch checks if the new API is available and adds a callback to read the password expiration timestamp. As mentioned on the web page there is a small chance that this patch will not display the time when the password expires, but the time when the account expires. I think we can neglect this case.
Ack.
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 09/23/2010 08:13 AM, Stephen Gallagher wrote:
On 09/10/2010 09:38 AM, Sumit Bose wrote:
Hi,
currently we can only present a warning message which in generated inside the MIT Kerberos library to the user if the password is about to expire. But the developers of MIT Kerberos were so nice to add a new API to retrieve the original timestamps (http://k5wiki.kerberos.org/wiki/Projects/Password_expiration_API). It is currently available in the daily development snapshots of MIT Kerberos and should find its way into the 1.9 release.
The attached patch checks if the new API is available and adds a callback to read the password expiration timestamp. As mentioned on the web page there is a small chance that this patch will not display the time when the password expires, but the time when the account expires. I think we can neglect this case.
Ack.
Pushed to master.
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/
sssd-devel@lists.fedorahosted.org