Refactor KDC renewable ticket handling

Create a new helper to compute the renewable lifetime for AS and TGS
requests.  This has some minor behavior differences:

* We only issue a renewable ticket if the renewable lifetime is greater
  than the normal ticket lifetime.

* We give RENEWABLE precedence over RENEWABLE-OK in determining the
  requested renewable lifetime, instead of sometimes doing the
  reverse.

* We use the client's maximum renewable life for TGS requests if we
  have looked up its DB entry.

* Instead of rejecting requests for renewable tickets (if the client
  or server principal doesn't allow it, or a TGS request's TGT isn't
  renewable), issue non-renewable tickets.

ticket: 7661 (new)

0 files changed, 0 insertions, 0 deletions