summaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2010-09-10 14:53:50 +0200
committerStephen Gallagher <sgallagh@redhat.com>2010-09-23 13:21:55 -0400
commit047332ebbe8397a70c92e5e3a5fbd40a9d00d0b5 (patch)
tree345ff3517c81c14b5e1591eb43764e13623f8505 /src/util
parenta685a84bfd4071ccdcc99dd7393d97a7a8d30a1d (diff)
downloadsssd-047332ebbe8397a70c92e5e3a5fbd40a9d00d0b5.tar.gz
sssd-047332ebbe8397a70c92e5e3a5fbd40a9d00d0b5.tar.bz2
sssd-047332ebbe8397a70c92e5e3a5fbd40a9d00d0b5.zip
Use new MIT krb5 API for better password expiration warnings
Diffstat (limited to 'src/util')
-rw-r--r--src/util/sss_krb5.c15
-rw-r--r--src/util/sss_krb5.h13
2 files changed, 26 insertions, 2 deletions
diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
index bbb62f11..5cf91f17 100644
--- a/src/util/sss_krb5.c
+++ b/src/util/sss_krb5.c
@@ -2,7 +2,7 @@
Authors:
Sumit Bose <sbose@redhat.com>
- Copyright (C) 2009 Red Hat
+ Copyright (C) 2009-2010 Red Hat
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -347,3 +347,16 @@ done:
return krberr;
}
+krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_expire_callback(
+ krb5_context context,
+ krb5_get_init_creds_opt *opt,
+ krb5_expire_callback_func cb,
+ void *data)
+{
+#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_EXPIRE_CALLBACK
+ return krb5_get_init_creds_opt_set_expire_callback(context, opt, cb, data);
+#else
+ DEBUG(5, ("krb5_get_init_creds_opt_set_expire_callback not available.\n"));
+ return 0;
+#endif
+}
diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h
index bc7a4f8a..cf6fedaf 100644
--- a/src/util/sss_krb5.h
+++ b/src/util/sss_krb5.h
@@ -2,7 +2,7 @@
Authors:
Sumit Bose <sbose@redhat.com>
- Copyright (C) 2009 Red Hat
+ Copyright (C) 2009-2010 Red Hat
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -56,4 +56,15 @@ int sss_krb5_verify_keytab(const char *principal,
int sss_krb5_verify_keytab_ex(const char *principal, const char *keytab_name,
krb5_context context, krb5_keytab keytab);
+#ifndef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_EXPIRE_CALLBACK
+typedef void krb5_expire_callback_func(krb5_context context, void *data,
+ krb5_timestamp password_expiration,
+ krb5_timestamp account_expiration,
+ krb5_boolean is_last_req);
+#endif
+krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_expire_callback(
+ krb5_context context,
+ krb5_get_init_creds_opt *opt,
+ krb5_expire_callback_func cb,
+ void *data);
#endif /* __SSS_KRB5_H__ */