[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Password change?

To: Dave Love <d.love@dl.ac.uk>
Subject: Re: Password change?
From: Václav Hůla <ax@natur.cuni.cz>
Date: Wed, 1 Feb 2006 16:18:16 +0100
Cc: heimdal-discuss@sics.se
In-Reply-To: <rzqzmlbs644.fsf@albion.dl.ac.uk>
Organization: CIT
References: <200602010934.31332.ax@natur.cuni.cz> <rzqzmlbs644.fsf@albion.dl.ac.uk>
Reply-To: Václav Hůla <ax@natur.cuni.cz>
Sender: owner-heimdal-discuss@sics.se
User-Agent: KMail/1.8.3

Dne Wednesday 01 of February 2006 11:52 jste napsal(a):

> By the way, there's an outstanding bug that reports an internal error
> from kpasswdd when it does refuse `password reuse'.

And is changing kpasswdd.c around line 404 from:

        reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR,
                    "Internal error");


to:

        reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR,
                    krb5_get_err_text(context, ret));

sufficient, or it can bring more problems?

>
> > And it seems to me that the whole [password_quality] section applies
> > not to password server, but the client.
>
> No, it runs on the server.  The interface for programming the checks
> doesn't give you access to the key set for the principal, though, just
> the new password (which you _could_ store between changes).  The
> ipropd log gives you access to key history where you could check for
> re-use, but probably not in a very convenient form.

Sorry, my bad, I ran kpasswdd with KRB5_CONFIG pointing to old configfile;)

Ax
-- 
Václav Hůla,
správce unixových serverů
Přírodovědecká fakulta
Univerzita Karlova v Praze

Follow-Ups:
- Re: Password change?
  - From: Dave Love <d.love@dl.ac.uk>

References:
- Password change?
  - From: Václav Hůla <ax@natur.cuni.cz>
- Re: Password change?
  - From: Dave Love <d.love@dl.ac.uk>

Prev by Date: Re: Password change?
Next by Date: Re: Password change?
Prev by thread: Re: Password change?
Next by thread: Re: Password change?
Index(es):
- Date
- Thread