Skip Menu |
 

Download (untitled) / with headers
text/plain 2.4KiB
From jenselby@MIT.EDU Sun Jul 14 20:27:20 2002
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id UAA13805
for <bugs@RT-11.mit.edu>; Sun, 14 Jul 2002 20:27:20 -0400 (EDT)
Received: from grand-central-station.mit.edu (GRAND-CENTRAL-STATION.MIT.EDU [18.7.21.82])
by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id UAA01846
for <bugs@RT-11.mit.edu>; Sun, 14 Jul 2002 20:27:20 -0400 (EDT)
Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86])
by grand-central-station.mit.edu (8.9.2/8.9.2) with ESMTP id UAA29800
for <krb5-bugs@MIT.EDU>; Sun, 14 Jul 2002 20:27:19 -0400 (EDT)
Received: from quiche-lorraine.mit.edu (QUICHE-LORRAINE.MIT.EDU [18.187.1.71])
by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id UAA24425
for <krb5-bugs@mit.edu>; Sun, 14 Jul 2002 20:27:19 -0400 (EDT)
Received: (from jenselby@localhost) by quiche-lorraine.mit.edu (8.9.3)
id UAA08797; Sun, 14 Jul 2002 20:27:18 -0400
Message-Id: <200207150027.UAA08797@quiche-lorraine.mit.edu>
Date: Sun, 14 Jul 2002 20:27:18 -0400
From: jenselby@MIT.EDU
Reply-To: jenselby@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: conflicting defaults for some kdc.conf tags
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 1137
>Category: krb5-kdc
>Synopsis: conflicting defaults for some kdc.conf tags
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sun Jul 14 20:28:01 EDT 2002
>Last-Modified:
>Originator: Jen Selby
>Organization:
MIT
Show quoted text
>Release: krb5-1.2.5
>Environment:
>Description:
in lib/kadm5/alt_prof.c, there are two functions for reading
kdc.conf, krb5_read_realm_params and kadm5_get_config_params.
krb5_read_realm_params is called from kdc/main.c, which uses
a default of one day for the max_life tag, one week for the
max-renewable_life tag, and Jan 1 2038 for the
default_principal_expiration tag. The other function is
called from many places and has its own hard-coded defaults,
which are 10 hours, 0, and 0 respectively.
Show quoted text
>How-To-Repeat:
>Fix:
Figure out which defaults are best, and change the hardcoded
defaults to those. Change the two functions so that one of them
calls the other, or get rid of krb5_read_realm_params (making
sure that kadm5_get_config_params has all needed functionality)
and change the call in kdc/main.c.
Show quoted text
>Audit-Trail:
>Unformatted:
Defaults no longer conflict, but we may still want to consider
consolidating where they are defined, in order to avoid future divergence.