	cosign-discuss at umich.edu
	general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CGI problem with expired passwords

To: Graeme Wood <Graeme.Wood@xxxxxxxx>
Subject: Re: CGI problem with expired passwords
From: johanna bromberg craig <canna@xxxxxxxxx>
Date: Tue, 24 Aug 2004 21:56:23 -0400
Cc: cosign-discuss@xxxxxxxxx
In-reply-to: <Pine.GSO.4.58.0408241114430.644@sagittarius.ucs.ed.ac.uk>
References: <Pine.GSO.4.58.0408241114430.644@sagittarius.ucs.ed.ac.uk>

Good catch! Your patch has been committed. :)

Thanks!

-Johanna

Thanks for
On Aug 24, 2004, at 6:17 AM, Graeme Wood wrote:

The cgi doesn't handle the case of principals with expired passwords. It will generate an invalid response as a result of the krb5_get_init_creds_password function call trying to prompt the user to change password if it is expired. The patch attached will set the prompter to NULL to prevent the library function prompting.

Cheers

-- ======================================================================= ====== Graeme Wood Email: Graeme.Wood@xxxxxxxx Unix Systems Support Phone: +44 131 650 5003 The University of Edinburgh Fax: +44 131 650 6552 ======================================================================= ======
!DSPAM:412b5401207251925510131!
<cgi.patch>

References:
- CGI problem with expired passwords
  - From: Graeme Wood

Prev by Date: CGI problem with expired passwords
Next by Date: Re: small updates for apache filter and cgi
Previous by thread: CGI problem with expired passwords
Next by thread: RE: IIS Cosign failure mode - security hole?
Index(es):
- Date
- Thread