diff options
| author | Alexandra Ellwood <lxs@mit.edu> | 2008-10-10 20:47:05 +0000 |
|---|---|---|
| committer | Alexandra Ellwood <lxs@mit.edu> | 2008-10-10 20:47:05 +0000 |
| commit | e938813ce6bce90833c6143ec53b7722a5a2d0c4 (patch) | |
| tree | b07447710f58b8712205195e699eb55be160e246 /src/kim/lib/kim_identity.c | |
| parent | 7a03f1e6de24c6acf6e4d9ca1257c6dab2b0fa7c (diff) | |
| download | krb5-e938813ce6bce90833c6143ec53b7722a5a2d0c4.tar.gz krb5-e938813ce6bce90833c6143ec53b7722a5a2d0c4.tar.xz krb5-e938813ce6bce90833c6143ec53b7722a5a2d0c4.zip | |
change password should always reprompt on error
Since it collects the password ahead of time, the prompt
count won't get incremented. Checking whether it
called auth_prompt is useless.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20860 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kim/lib/kim_identity.c')
| -rw-r--r-- | src/kim/lib/kim_identity.c | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/src/kim/lib/kim_identity.c b/src/kim/lib/kim_identity.c index a7edc8c38..7cf53d4f0 100644 --- a/src/kim/lib/kim_identity.c +++ b/src/kim/lib/kim_identity.c @@ -689,7 +689,7 @@ kim_error kim_identity_change_password_common (kim_identity in_identity, kim_error rejected_err = KIM_NO_ERROR; kim_string rejected_message = NULL; kim_string rejected_description = NULL; - kim_boolean was_prompted = 0; + kim_boolean was_prompted = 0; /* ignore because we always prompt */ err = kim_ui_change_password (in_ui_context, in_identity, @@ -747,17 +747,12 @@ kim_error kim_identity_change_password_common (kim_identity in_identity, rejected_description); } else if (err && err != KIM_USER_CANCELED_ERR) { - /* new creds failed, report error to user */ - kim_error terr = KIM_NO_ERROR; - - terr = kim_ui_handle_kim_error (in_ui_context, in_identity, - kim_ui_error_type_change_password, - err); - - if (was_prompted || err == KIM_PASSWORD_MISMATCH_ERR) { - /* User could have entered bad info so let them try again. */ - err = terr; - } + /* New creds failed, report error to user. + * Overwrite error so we loop and let the user try again. + * The user always gets prompted so we always loop. */ + err = kim_ui_handle_kim_error (in_ui_context, in_identity, + kim_ui_error_type_change_password, + err); } else { /* password change succeeded or the user gave up */ @@ -786,6 +781,7 @@ kim_error kim_identity_change_password_common (kim_identity in_identity, kim_string_free (&rejected_message); kim_string_free (&rejected_description); + kim_ui_free_string (in_ui_context, &old_password); kim_ui_free_string (in_ui_context, &new_password); kim_ui_free_string (in_ui_context, &verify_password); |