If the KDC requires a password change kinit will ask after the initial
authentication for a new password. After the password has been changed
it does reauthentication and for that it needs to use the new password
we just set.
It is needed for the a new kpasswd service test.
This is already fixed upstream with:
911c99375741281adae305f6ec3a3317023eba3e
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
{
krb5_init_creds_context ctx;
char buf[BUFSIZ];
+ char buf2[BUFSIZ];
krb5_error_code ret;
int chpw = 0;
if (ret == KRB5KDC_ERR_KEY_EXPIRED && chpw == 0) {
- char buf2[1024];
-
/* try to avoid recursion */
if (in_tkt_service != NULL && strcmp(in_tkt_service, "kadmin/changepw") == 0)
goto out;
client,
ctx->password,
buf2,
- sizeof(buf),
+ sizeof(buf2),
prompter,
data,
options);
if (ret)
goto out;
chpw = 1;
+ password = buf2;
krb5_init_creds_free(context, ctx);
goto again;
}
krb5_init_creds_free(context, ctx);
memset(buf, 0, sizeof(buf));
+ memset(buf2, 0, sizeof(buf2));
return ret;
}