From jenselby@MIT.EDU Sun Jul 14 20:27:20 2002 Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id UAA13805 for ; Sun, 14 Jul 2002 20:27:20 -0400 (EDT) Received: from grand-central-station.mit.edu (GRAND-CENTRAL-STATION.MIT.EDU [18.7.21.82]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id UAA01846 for ; Sun, 14 Jul 2002 20:27:20 -0400 (EDT) Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86]) by grand-central-station.mit.edu (8.9.2/8.9.2) with ESMTP id UAA29800 for ; Sun, 14 Jul 2002 20:27:19 -0400 (EDT) Received: from quiche-lorraine.mit.edu (QUICHE-LORRAINE.MIT.EDU [18.187.1.71]) by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id UAA24425 for ; Sun, 14 Jul 2002 20:27:19 -0400 (EDT) Received: (from jenselby@localhost) by quiche-lorraine.mit.edu (8.9.3) id UAA08797; Sun, 14 Jul 2002 20:27:18 -0400 Message-Id: <200207150027.UAA08797@quiche-lorraine.mit.edu> Date: Sun, 14 Jul 2002 20:27:18 -0400 From: jenselby@MIT.EDU Reply-To: jenselby@MIT.EDU To: krb5-bugs@MIT.EDU Subject: conflicting defaults for some kdc.conf tags X-Send-Pr-Version: 3.99 >Number: 1137 >Category: krb5-kdc >Synopsis: conflicting defaults for some kdc.conf tags >Confidential: no >Severity: non-critical >Priority: low >Responsible: krb5-unassigned >State: open >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Sun Jul 14 20:28:01 EDT 2002 >Last-Modified: >Originator: Jen Selby >Organization: MIT >Release: krb5-1.2.5 >Environment: >Description: in lib/kadm5/alt_prof.c, there are two functions for reading kdc.conf, krb5_read_realm_params and kadm5_get_config_params. krb5_read_realm_params is called from kdc/main.c, which uses a default of one day for the max_life tag, one week for the max-renewable_life tag, and Jan 1 2038 for the default_principal_expiration tag. The other function is called from many places and has its own hard-coded defaults, which are 10 hours, 0, and 0 respectively. >How-To-Repeat: >Fix: Figure out which defaults are best, and change the hardcoded defaults to those. Change the two functions so that one of them calls the other, or get rid of krb5_read_realm_params (making sure that kadm5_get_config_params has all needed functionality) and change the call in kdc/main.c. >Audit-Trail: >Unformatted: