| /freebsd/contrib/pam-krb5/tests/module/ |
| H A D | expired-t.c | 2 * Tests for the pam-krb5 module with an expired password.
5 * expired and the multiple different paths the module can take for handling
87 run_script("data/scripts/expired/basic-heimdal", &config); in main()
91 run_script("data/scripts/expired/basic-heimdal-debug", &config); in main()
93 run_script("data/scripts/expired/basic-heimdal-old", &config); in main()
97 run_script("data/scripts/expired/basic-heimdal-old-debug", &config); in main()
100 run_script("data/scripts/expired/basic-mit", &config); in main()
104 run_script("data/scripts/expired/basic-mit-debug", &config); in main()
112 run_script("data/scripts/expired/basic-heimdal-silent", &config); in main()
116 run_script("data/scripts/expired/basic-heimdal-flag-silent", &config); in main()
[all …]
|
| /freebsd/crypto/openssh/regress/ |
| H A D | sshsig.sh | 163 # key expired
164 trace "$tid: key type $t verify with expired lifespan"
169 fail "failed signature for $t with expired key"
171 trace "$tid: key type $t verify with expired lifespan (now)"
175 fail "failed signature for $t with expired key"
189 # key expired
190 trace "$tid: key type $t find-principals with expired lifespan"
194 fail "failed find-principals for $t with expired key"
196 trace "$tid: key type $t find-principals with expired lifespan (now)"
199 fail "failed find-principals for $t with expired key"
[all …]
|
| /freebsd/contrib/pam-krb5/tests/data/scripts/expired/ |
| H A D | defer-mit-debug | 1 # Test deferring handling of expired passwords. -*- conf -*-
33 DEBUG (user %u) krb5_get_init_creds_password: Password has expired
34 DEBUG (user %u) expired account, deferring failure
35 INFO user %u authenticated as %0 (expired)
38 INFO user %u account password is expired
|
| H A D | defer-mit | 1 # Test deferring handling of expired passwords. -*- conf -*-
30 INFO user %u authenticated as %0 (expired)
31 INFO user %u account password is expired
|
| /freebsd/crypto/openssh/ |
| H A D | auth-shadow.c | 52 * Check if specified account is expired. Returns 1 if account is expired,
70 logit("Account %.100s has expired", spw->sp_namp); in auth_shadow_acctexpired()
85 * Returns: 1 = password expired, 0 = password not expired
124 logit("User %.100s password has expired (root forced)", user); in auth_shadow_pwexpired()
129 logit("User %.100s password has expired (password aged)", user); in auth_shadow_pwexpired()
|
| /freebsd/crypto/heimdal/lib/krb5/ |
| H A D | krb_err.et | 12 ec KDC_NAME_EXP, "Kerberos 4 principal expired"
13 ec KDC_SERVICE_EXP, "Kerberos 4 service expired"
14 ec KDC_AUTH_EXP, "Kerberos 4 auth expired"
27 ec MK_AP_TGTEXP, "Kerberos 4 TGT Expired"
30 ec RD_AP_EXP, "Kerberos 4 ticket expired"
|
| /freebsd/crypto/krb5/src/tests/ |
| H A D | t_kdc_log.py | 3 # Make a TGS request with an expired ticket.
16 fail('Client principal not logged in expired-ticket TGS request')
19 fail('Did not find KDC log line for expired-ticket TGS request')
|
| /freebsd/crypto/krb5/src/util/et/ |
| H A D | test_et.c | 27 printf("Msg TGT-expired is '%s'\n", error_message(KRB_MK_AP_TGTEXP)); in main()
37 printf("With 0: tgt-expired -> %s\n", error_message(KRB_MK_AP_TGTEXP)); in main()
49 printf("With krb: tgt-expired -> %s\n", in main()
62 printf("Msg for TGT-expired is '%s'\n", in main()
|
| /freebsd/contrib/unbound/services/cache/ |
| H A D | rrset.c | 131 /* o if new data is expired, cached data is better */ in need_to_update_rrset()
152 /* o item in cache has expired */ in need_to_update_rrset()
159 * update to fetch the latest data. ttl is not expired, because in need_to_update_rrset()
428 return; /* expired, or rrset has changed in the meantime */ in rrset_check_sec_status()
469 /* looks up with a time of 0, to see expired entries */ in rrset_cache_remove_above()
474 int expired = (now > data->ttl); in rrset_cache_remove_above() local
476 if(expired) in rrset_cache_remove_above()
479 "removed (expired)", in rrset_cache_remove_above()
507 /* looks up with a time of 0, to see expired entries */ in rrset_cache_expired_above()
513 /* it is expired, this is not wanted */ in rrset_cache_expired_above()
[all …]
|
| H A D | dns.h | 81 * @param leeway: TTL value, if not 0, other rrsets are considered expired
113 * @param leeway: TTL value, if not 0, other rrsets are considered expired
140 * @param noexpiredabove: if set, no expired NS rrsets above the one found
161 * @param allow_expired: if true and serve-expired is enabled, it will allow
162 * for expired dns_msg to be generated based on the configured serve-expired
|
| /freebsd/contrib/unbound/cachedb/ |
| H A D | cachedb.c | 396 * overwriting expired, valid, content with broken content. */ in prep_data()
404 /* We don't store the reply if its TTL is 0 unless serve-expired is in prep_data()
459 /* Check if we are allowed to return expired entries: in good_expiry_and_qinfo()
602 /* see how much of the TTL expired, and remove it */ in parse_data()
609 verbose(VERB_ALGO, "cachedb msg expired"); in parse_data()
611 /* If serve-expired is enabled, we still use an expired message in parse_data()
620 return 0; /* message expired */ in parse_data()
630 /* Similar to the unbound worker, if serve-expired is enabled and in parse_data()
631 * the msg would be considered to be expired, mar in parse_data()
[all...] |
| /freebsd/contrib/llvm-project/lldb/source/Host/common/ |
| H A D | Alarm.cpp | 103 // case, the thread will wake up as scheduled, find no expired events, and in Cancel()
149 // 1. The timeout for the next alarm expired. in AlarmThread()
162 // The timeout for the next alarm expired. in AlarmThread()
168 // Iterate over all the callbacks. Call the ones that have expired in AlarmThread()
186 // either the predicate is true or we woke up because an alarm expired. in AlarmThread()
197 // A new alarm was added or an alarm expired. Either way we need to in AlarmThread()
|
| /freebsd/crypto/openssl/doc/man3/ |
| H A D | SSL_CTX_flush_sessions.pod | 5 SSL_CTX_flush_sessions - remove expired sessions
16 B<ctx> to remove sessions expired at time B<tm>.
22 As sessions will not be reused ones they are expired, they should be
|
| /freebsd/crypto/krb5/src/lib/krb5/error_tables/ |
| H A D | krb5_err.et | 42 error_code KRB5KDC_ERR_NAME_EXP, "Client's entry in database has expired"
43 error_code KRB5KDC_ERR_SERVICE_EXP, "Server's entry in database has expired"
64 error_code KRB5KDC_ERR_KEY_EXP, "Password has expired"
75 error_code KRB5KRB_AP_ERR_TKT_EXPIRED, "Ticket expired"
134 error_code KRB5KDC_ERR_PREAUTH_EXPIRED, "Preauthentication expired"
318 error_code KRB5_APPL_EXPIRED, "This application has expired"
319 error_code KRB5_LIB_EXPIRED, "This Krb5 library has expired"
|
| /freebsd/crypto/heimdal/kuser/ |
| H A D | klist.c | 97 rtbl_add_column_entry(ct, COL_EXPIRES, N_(">>>Expired<<<", "")); in print_cred()
192 printf(N_(" (expired)", "")); in print_cred_verbose()
341 int expired; in check_for_tgt() local
361 expired = time(NULL) > creds.times.endtime; in check_for_tgt()
368 return expired; in check_for_tgt()
429 strlcpy (buf2, N_(">>> Expired <<<", ""), sizeof(buf2)); in display_tokens()
518 int expired = 0; in list_caches() local
526 expired = check_for_tgt (context, id, principal, &t); in list_caches()
535 if (expired) in list_caches()
536 str = N_(">>> Expired <<<", ""); in list_caches()
|
| /freebsd/contrib/openpam/doc/man/ |
| H A D | pam.3 | 143 the user's request or because the password has expired.
165 User account has expired.
173 Password has expired.
195 User credentials have expired.
|
| /freebsd/contrib/pam-krb5/docs/ |
| H A D | docknot.yaml | 183 implementation of your KDC for the module/expired test to work, since the
188 Several `module/expired` tests are expected to fail with Heimdal 1.5 due
190 library-mediated password change of an expired password. This is fixed in
322 password change of an expired account during authentication. Supporting
323 password change for expired accounts on Solaris with native Kerberos may
334 password if their password is expired, but when using OpenSSH, this will
340 expired will not be prompted to change their password unless the KDC
471 standard for handling expired accounts and instead returns failure from
491 therefore a ticket cache since the password is expired. But
497 processing an expired password, and `pam_chauthtok`, if it sees that
[all …]
|
| /freebsd/contrib/pam-krb5/module/ |
| H A D | password.c | 333 * Kerberos password expired but the other one didn't?), but warning in pamk5_password()
337 if (ctx->expired && ctx->creds == NULL) in pamk5_password()
339 pamk5_conv(args, "Password expired. You must change it now.", in pamk5_password()
351 * If we were handling a forced password change for an expired password, in pamk5_password()
353 * clear the expired flag in the context. in pamk5_password()
355 if (pamret == PAM_SUCCESS && ctx->expired) { in pamk5_password()
375 ctx->expired = false; in pamk5_password()
|
| H A D | account.c | 44 /* If the account was expired, here's where we actually fail. */ in pamk5_account()
46 if (ctx->expired) { in pamk5_account()
47 pam_syslog(args->pamh, LOG_INFO, "user %s account password is expired", in pamk5_account()
|
| /freebsd/contrib/unbound/util/data/ |
| H A D | msgreply.h | 156 * TTL for prefetch. After it has expired, a prefetch is suitable.
162 * Reply TTL extended with serve expired TTL, to limit time to serve
163 * expired message.
168 * TTL for an expired entry to be used without attempting recursion
170 * This is just an efficiency timer when serve-expired-client-timeout
172 * expired entry instead of trying resolution first.
258 * @param expttl: serve expired ttl
259 * @param norecttl: serve expired no recursion ttl
416 * Check if an *expired* (checked by the caller already) reply info can be used
417 * as an expired answe
[all...] |
| /freebsd/crypto/krb5/src/lib/krb5/rcache/ |
| H A D | rc_file2.c | 126 /* Return true if timestamp is expired, for the current timestamp (now) and
129 expired(uint32_t timestamp, uint32_t now, uint32_t skew) in expired() function
182 * the end of the file, or expired). */ in store()
184 if (nread == 0 || !r1stamp || expired(r1stamp, now, skew)) in store()
186 else if (nread == 1 || !r2stamp || expired(r2stamp, now, skew)) in store()
|
| /freebsd/crypto/krb5/doc/admin/ |
| H A D | troubleshoot.rst | 85 Cannot create cert chain: certificate has expired
90 the signing chain above them has expired.
92 If the KDC certificate has expired, this message appears in the KDC
98 If the client or a signing certificate has expired, this message may
|
| /freebsd/crypto/krb5/doc/html/_sources/admin/ |
| H A D | troubleshoot.rst.txt | 85 Cannot create cert chain: certificate has expired
90 the signing chain above them has expired.
92 If the KDC certificate has expired, this message appears in the KDC
98 If the client or a signing certificate has expired, this message may
|
| /freebsd/crypto/openssh/openbsd-compat/ |
| H A D | port-aix.c | 180 int r, authsuccess = 0, expired, reenter, result; in sys_auth_passwd() local
203 * Check if the user's password is expired. in sys_auth_passwd()
205 expired = passwdexpired(name, &msg); in sys_auth_passwd()
213 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg); in sys_auth_passwd()
215 switch (expired) { in sys_auth_passwd()
216 case 0: /* password not expired */ in sys_auth_passwd()
218 case 1: /* expired, password change required */ in sys_auth_passwd()
|
| /freebsd/contrib/pam-krb5/ |
| H A D | README | 192 implementation of your KDC for the module/expired test to work, since
197 Several module/expired tests are expected to fail with Heimdal 1.5 due
199 library-mediated password change of an expired password. This is fixed
321 password change of an expired account during authentication. Supporting
322 password change for expired accounts on Solaris with native Kerberos may
333 password if their password is expired, but when using OpenSSH, this will
339 expired will not be prompted to change their password unless the KDC
465 standard for handling expired accounts and instead returns failure from
483 therefore a ticket cache since the password is expired. But
489 processing an expired password, and pam_chauthtok, if it sees that flag,
[all …]
|