diff options
author | Arvid Requate <requate@univention.de> | 2014-07-07 17:59:29 +0200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2015-02-25 01:08:10 +0100 |
commit | 89803009b957b980818aa971a0f5dd14f75cbbe1 (patch) | |
tree | ebf50e842fd04a7f0227519a998db223a41238ca /source4/rpc_server | |
parent | 9b2ff26c893e5748d12d7a37a93eef7b1f4b1a1b (diff) | |
download | samba-89803009b957b980818aa971a0f5dd14f75cbbe1.tar.gz samba-89803009b957b980818aa971a0f5dd14f75cbbe1.tar.xz samba-89803009b957b980818aa971a0f5dd14f75cbbe1.zip |
s4-backupkey: Cert lifetime of 365 days, not secs
hx509_ca_tbs_set_notAfter_lifetime expects the lifetime value in
in seconds. The Windows 7 client didn't seem to care that the lifetime
was only 6'03''. Two other TODOs in this implementation:
* Since notBefore is not set explicietely to "now", the heimdal code
default of now-(24 hours) is applied.
* Server side validity checks and cert renewal are missing.
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Diffstat (limited to 'source4/rpc_server')
-rw-r--r-- | source4/rpc_server/backupkey/dcesrv_backupkey.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c index 7daa500ce5..5abfa87b02 100644 --- a/source4/rpc_server/backupkey/dcesrv_backupkey.c +++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c @@ -994,7 +994,7 @@ static WERROR generate_bkrp_cert(TALLOC_CTX *ctx, struct dcesrv_call_state *dce_ char *secret_name; struct bkrp_exported_RSA_key_pair keypair; enum ndr_err_code ndr_err; - uint32_t nb_days_validity = 365; + uint32_t nb_days_validity = 3600 * 24 * 365; DEBUG(6, ("Trying to generate a certificate\n")); hx509_context_init(&hctx); |