diff options
author | Simo Sorce <ssorce@redhat.com> | 2011-09-23 18:37:42 -0400 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2011-09-26 10:07:11 +0200 |
commit | dfc704de25bbf60062361c4a7d41971a77e5c9a4 (patch) | |
tree | 8cefcb5772ac5127f4abe00145a2a08b9173c81f /daemons/ipa-kdb/ipa_kdb_passwords.c | |
parent | f323d818b9a47a4658d6178e5bedb3c2f862db98 (diff) | |
download | freeipa-dfc704de25bbf60062361c4a7d41971a77e5c9a4.tar.gz freeipa-dfc704de25bbf60062361c4a7d41971a77e5c9a4.tar.xz freeipa-dfc704de25bbf60062361c4a7d41971a77e5c9a4.zip |
ipa-kdb: Fix expiration time calculation
Expiration time should be enforced as per policy only for users and only when a
password change occurs, ina ll other cases we should just let kadmin decide
whther it is going to set a password expiration time or just leave it empty.
In general service tickts have strong random passwords so they do not need a
password policy or expiration at all.
https://fedorahosted.org/freeipa/ticket/1839
Diffstat (limited to 'daemons/ipa-kdb/ipa_kdb_passwords.c')
-rw-r--r-- | daemons/ipa-kdb/ipa_kdb_passwords.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/daemons/ipa-kdb/ipa_kdb_passwords.c b/daemons/ipa-kdb/ipa_kdb_passwords.c index 18be9be01..28ec382d9 100644 --- a/daemons/ipa-kdb/ipa_kdb_passwords.c +++ b/daemons/ipa-kdb/ipa_kdb_passwords.c @@ -279,7 +279,7 @@ krb5_error_code ipadb_get_pwd_expiration(krb5_context context, time_t *expire_time) { krb5_error_code kerr; - krb5_timestamp mod_time; + krb5_timestamp mod_time = 0; krb5_principal mod_princ = NULL; krb5_boolean truexp = true; |