#2287 krb5_child uses the old password twice for chpass
Closed: Duplicate None Opened 7 years ago by jhrozek.

Once to verify the old password and then also during the password change operation to get the kadmind/chpass ticket. This is a problem for OTP as the OTP should never be used twice.

We should check if we can ditch the two-pass approach completely.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.12 beta
priority: major => critical

Fields changed

rhbz: => 0

Fields changed

milestone: SSSD 1.12 beta => SSSD 1.12.1

Mass-moving all tickets that didn't make 1.12.1 into 1.12.2

milestone: SSSD 1.12.1 => SSSD 1.12.2

I think this should already be fixed since 7.0, but please re-test when working on #2404

mark: => 0
owner: somebody => lslebodn

We need to do a release as requested by downstream. Moving tickets that are not fixed already or very close to acking to 1.12.3

milestone: SSSD 1.12.2 => SSSD 1.12.3

Fields changed

patch: 0 => 1
status: new => assigned

Closing as duplicate of #2404

resolution: => duplicate
status: assigned => closed

Metadata Update from @jhrozek:
- Issue assigned to lslebodn
- Issue set to the milestone: SSSD 1.12.3

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3329

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.