diff options
| author | Richard Basch <probe@mit.edu> | 1996-05-09 16:02:10 +0000 |
|---|---|---|
| committer | Richard Basch <probe@mit.edu> | 1996-05-09 16:02:10 +0000 |
| commit | 919ab2ca2953f59ac3ec28b2be22bb15b204b15a (patch) | |
| tree | db9c2cd1f3e2319918c5e770e181bb5e9d7255ce /src | |
| parent | db1c498c1f8409c079ae1f6d7707e110f939318a (diff) | |
| download | krb5-919ab2ca2953f59ac3ec28b2be22bb15b204b15a.tar.gz krb5-919ab2ca2953f59ac3ec28b2be22bb15b204b15a.tar.xz krb5-919ab2ca2953f59ac3ec28b2be22bb15b204b15a.zip | |
Better handling of the principal max_life..
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7952 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/kadmin.v4/server/ChangeLog | 6 | ||||
| -rw-r--r-- | src/kadmin.v4/server/kadm_funcs.c | 30 |
2 files changed, 28 insertions, 8 deletions
diff --git a/src/kadmin.v4/server/ChangeLog b/src/kadmin.v4/server/ChangeLog index 0f4e0741f..f3b8a731b 100644 --- a/src/kadmin.v4/server/ChangeLog +++ b/src/kadmin.v4/server/ChangeLog @@ -1,7 +1,11 @@ +Thu May 9 02:03:33 1996 Richard Basch <basch@lehman.com> + + * kadm_funcs.c: Better handling of the principal lifetimes. + Thu Mar 21 20:33:43 1996 Richard Basch <basch@lehman.com> * kadm_funcs.c: new principals were being created with two keys, - one of which the key_data_ver=0 and had no valid data. + one of which the key_data_ver=0 and had no valid data. Tue Mar 19 19:42:37 1996 Richard Basch <basch@lehman.com> diff --git a/src/kadmin.v4/server/kadm_funcs.c b/src/kadmin.v4/server/kadm_funcs.c index 5025e3acb..658c70b38 100644 --- a/src/kadmin.v4/server/kadm_funcs.c +++ b/src/kadmin.v4/server/kadm_funcs.c @@ -61,7 +61,14 @@ kadm_entry2princ(entry, princ) strncpy(princ->exp_date_txt, ctime((const time_t *) &entry.expiration), DATE_SZ); princ->attributes = entry.attributes; - princ->max_life = entry.max_life / (60 * 5); + + if ((entry.max_life / (60 * 5)) > 255) + princ->max_life = 255; + else { + princ->max_life = entry.max_life / (60 * 5); + if (princ->max_life == 0) princ->max_life++; + } + princ->kdc_key_ver = 1; /* entry.mkvno; */ princ->key_version = entry.key_data[0].key_data_kvno; @@ -107,9 +114,11 @@ kadm_princ2entry(princ, entry) return retval; entry->len = KRB5_KDB_V1_BASE_LENGTH; - entry->max_life = princ.max_life * (60 * 5); - entry->max_renewable_life = server_parm.max_rlife; /* XXX yeah well */ - entry->expiration = princ.exp_date; + entry->max_life = + princ.max_life ? princ.max_life * 60 * 5 : server_parm.max_life; + entry->max_renewable_life = server_parm.max_rlife; + entry->expiration = + princ.exp_date ? princ.exp_date : server_parm.expiration; entry->attributes = princ.attributes; retval = krb5_425_conv_principal(kadm_context, princ.mod_name, @@ -230,7 +239,7 @@ Kadm_vals *valsout; if (!IS_FIELD(KADM_ATTR,valsin->fields)) data_i.attributes = server_parm.flags; if (!IS_FIELD(KADM_MAXLIFE,valsin->fields)) - data_i.max_life = server_parm.max_life; + data_i.max_life = 0; retval = kadm_princ2entry(data_i, &newentry); if (retval) { @@ -533,7 +542,7 @@ Kadm_vals *valsout; /* the actual record which is returned */ if (IS_FIELD(KADM_ATTR,valsin2->fields)) newentry.attributes = temp_key.attributes; if (IS_FIELD(KADM_MAXLIFE,valsin2->fields)) - newentry.max_life = temp_key.max_life; + newentry.max_life = temp_key.max_life * 60 * 5; if (IS_FIELD(KADM_DESKEY,valsin2->fields)) { if ((newpw.contents = (krb5_octet *)malloc(8)) == NULL) { krb5_db_free_principal(kadm_context, &newentry, 1); @@ -1019,7 +1028,14 @@ kadm_chg_srvtab(rname, rinstance, rrealm, values) memcpy((char *)&values->key_high, newpw.contents + 4, 4); values->key_low = htonl(values->key_low); values->key_high = htonl(values->key_high); - values->max_life = odata.max_life / (60 * 5); + + if ((odata.max_life / (60 * 5)) > 255) + values->max_life = 255; + else { + values->max_life = odata.max_life / (60 * 5); + if (values->max_life == 0) values->max_life++; + } + values->exp_date = odata.expiration; values->attributes = odata.attributes; memset(values->fields, 0, sizeof(values->fields)); |