RT/krbdev.mit.edu: Ticket #2734 [libdefaults] lifetimes should have a default unit

RT/krbdev.mit.edu: Ticket #2734 [libdefaults] lifetimes should have a default unit

Signed in as guest.
[Logout]

[Home]

[Search]

[Configuration]

[Display]

[History]

[Basics]

[Dates]

[People]

[Links]

[Jumbo]

The Basics

Id
2734

Status
resolved

Worked
0 min

Priority
0/0

Queue
krb5

Keyword Selections

Component	krb5-libs
Version_reported	1.4
Version_Fixed	1.4
Target_Version	1.4
Tags

Relationships

Depends on:

Depended on by:

Parents:

Children:

Refers to:

Referred to by:

Dates

Created:	Tue Oct 5 13:50:36 2004
Starts:	Not set
Started:	Not set
Last Contact:	Thu Oct 14 17:43:38 2004
Due:	Not set
Updated:	Mon Nov 15 22:22:26 2004 by tlyu

People

Owner
lxs
Requestors
lxs@mit.edu
Cc

AdminCc

More about Alexandra Ellwood

Comments about this user:
No comment entered about this user
This user's 25 highest priority tickets:

5971: Merge Apple PKINIT and PKINIT preauth plugin (open)
1157: KfM needs to build krb5 clients and libraries separately (new)
1158: filename substitutions needed on man pages (open)
1380: Duplicate DNS Lookups make krb5_init_creds slow (open)
1800: "-passwordserver" introduces global and is specific to Apple (open)
2038: kdb5_util man page implies that the dbname is required (new)
2890: use kqueue to detect edu.mit.Kerberos file changing (open)
3216: kdb5_util man page says dbname is required for the load command (open)
4526: Error string for IMPORT_COUNT_MESSAGE cannot be localized (open)
5956: Support IPv6-only environments (new)
5968: Apple PKINIT patch commit (open)
6006: APIs for service principal selection (new)
6020: GSSAPI application server side support for authdata generated by authdata plugins (open)
6096: Reduce warnings (open)
6139: KfW CCAPI build broken (new)
6208: krb5_change_set_password string argument allocation causes leaks (new)
6209: Callers of krb5_encrypt_data not freeing allocated memory (new)

History

Display mode: [Brief headers] [Full headers]

Tue Oct 5 13:50:38 2004	lxs - Ticket created
Subject: [libdefaults] lifetimes should have a default unit Lifetime values set in the libdefaults section should have a default unit. We just started supporting the "ticket_lifetime" libdefault. Since it was previously ignored, configuration files with the string "ticket_lifetime = 600" and similar values with no units have propogated to a large number of configuration files. People with these configuration files will start getting EINVAL from krb5_get_init_creds() when they upgrade to 1.4. We have already had two reports of people running into this problem with 1.4-current (UMich and Apple). I can only assume that it will get worse. We should either modify the code that reads the libdefault or krb5_string_to_deltat(). I do not care if we default to seconds or minutes. Looking at the config files containing this value, people seem to assume it will default to seconds. Also, we should not return EINVAL from krb5_string_to_deltat in this situation. How about a "Invalid lifetime" error? Then at least the user knows to look for lifetime values.		Download (untitled) 1020b
Tue Oct 5 14:37:12 2004	lxs - Comments added
Looking at google output for "ticket_lifetime" there seems to be an overwhelming assumption that a unitless number is in seconds. In addition, Heimdal defaults to seconds. As a result we should probably default to seconds, even though in an ideal world, minutes makes more sense.		Download (untitled) 283b
Wed Oct 13 12:18:01 2004	lxs - Status changed from open to resolved
Wed Oct 13 12:18:02 2004	lxs - Correspondence added
From: lxs@mit.edu Subject: CVS Commit krb5_string_to_deltat should default to seconds if no unit is provided. If the format is invalid, it should return a distinct error (KRB5_DELTAT_BADFORMAT, not EINVAL). To generate a diff of this commit: cvs diff -r5.452 -r5.453 krb5/src/lib/krb5/krb/ChangeLog		Download (untitled) 268b
Wed Oct 13 12:18:09 2004	lxs - Correspondence added
From: lxs@mit.edu Subject: CVS Commit krb5_string_to_deltat should default to seconds if no unit is provided. If the format is invalid, it should return a distinct error (KRB5_DELTAT_BADFORMAT, not EINVAL). To generate a diff of this commit: cvs diff -r5.98 -r5.99 krb5/src/lib/krb5/error_tables/ChangeLog		Download (untitled) 275b
Wed Oct 13 12:18:17 2004	lxs - Correspondence added
From: lxs@mit.edu Subject: CVS Commit krb5_string_to_deltat should default to seconds if no unit is provided. If the format is invalid, it should return a distinct error (KRB5_DELTAT_BADFORMAT, not EINVAL). To generate a diff of this commit: cvs diff -r5.5 -r5.6 krb5/src/lib/krb5/krb/deltat.c		Download (untitled) 263b
Wed Oct 13 12:18:23 2004	lxs - Correspondence added
From: lxs@mit.edu Subject: CVS Commit krb5_string_to_deltat should default to seconds if no unit is provided. If the format is invalid, it should return a distinct error (KRB5_DELTAT_BADFORMAT, not EINVAL). To generate a diff of this commit: cvs diff -r5.75 -r5.76 krb5/src/lib/krb5/error_tables/krb5_err.et		Download (untitled) 277b
Wed Oct 13 12:18:30 2004	lxs - Correspondence added
From: lxs@mit.edu Subject: CVS Commit krb5_string_to_deltat should default to seconds if no unit is provided. If the format is invalid, it should return a distinct error (KRB5_DELTAT_BADFORMAT, not EINVAL). To generate a diff of this commit: cvs diff -r5.5 -r5.6 krb5/src/lib/krb5/krb/x-deltat.y		Download (untitled) 265b
Thu Oct 14 17:43:34 2004	tlyu - Correspondence added
From: tlyu@mit.edu Subject: CVS Commit * t_deltat.c (main): Unadorned integer no longer fails now that we default to seconds. To generate a diff of this commit: cvs diff -r5.453 -r5.454 krb5/src/lib/krb5/krb/ChangeLog cvs diff -r5.4 -r5.5 krb5/src/lib/krb5/krb/t_deltat.c		Download (untitled) 242b
Mon Nov 15 22:22:25 2004	tlyu - Version_Fixed 1.4 added