Skip Menu |
 

Download (untitled) / with headers
text/plain 2.5KiB
From tlyu@MIT.EDU Tue Sep 24 19:26:35 1996
Received: from dragons-lair.MIT.EDU (DRAGONS-LAIR.MIT.EDU [18.177.1.200]) by avalanche-breakdown.MIT.EDU (8.7.5/8.7.3) with SMTP id TAA20277 for <bugs@AVALANCHE-BREAKDOWN.MIT.EDU>; Tue, 24 Sep 1996 19:26:34 -0400
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by dragons-lair.MIT.EDU (8.6.13/8.6.9) with SMTP id TAA13574 for <krb5-bugs@dragons-lair.mit.edu>; Tue, 24 Sep 1996 19:26:33 -0400
Received: from TESLA-COIL.MIT.EDU by MIT.EDU with SMTP
id AA19090; Tue, 24 Sep 96 19:26:33 EDT
Received: by tesla-coil.MIT.EDU (5.x/4.7) id AA28026; Tue, 24 Sep 1996 19:26:32 -0400
Message-Id: <9609242326.AA28026@tesla-coil.MIT.EDU>
Date: Tue, 24 Sep 1996 19:26:32 -0400
From: tlyu@MIT.EDU
Reply-To: tlyu@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: Bug in lifetime handling in krb524d
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 22
>Category: krb5-kdc
>Synopsis: Bug in lifetime handling in krb524d
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Sep e 19:30:01 EDT 1996
>Last-Modified: Thu Dec 05 23:27:50 EST 1996
>Originator: Tom Yu
>Organization:
mit
Show quoted text
>Release: unknown-1.0
>Environment:

System: SunOS tesla-coil 5.4 Generic_101945-37 sun4m sparc


Show quoted text
>Description:
Date: Mon, 26 Aug 1996 18:54:08 -0400
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>

I noticed today that krb524d has a problem when calculating ticket lifetime.
It uses the current time and subtracts the expiration time to get the
V4 ticket lifetime, instead of the start time. This is fine if you get your
V4 tickets right when you get your V5 tickets, but it doesn't work if you get
your V4 tickets later than your start time.

Show quoted text
>How-To-Repeat:

Show quoted text
>Fix:
(from kenh)

--- src/krb524/cnv_tkt_skey.c.orig Mon Aug 26 18:42:51 1996
+++ src/krb524/cnv_tkt_skey.c Mon Aug 26 18:43:31 1996
@@ -111,7 +111,7 @@
}
if ( (server_time+context->clockskew >= v5etkt->times.starttime)
&& (server_time-context->clockskew <= v5etkt->times.endtime)) {
- deltatime = v5etkt->times.endtime - (server_time-context->clockskew);
+ deltatime = v5etkt->times.endtime - v5etkt->times.starttime;
lifetime = deltatime / 300;
/* if (lifetime > 255) lifetime = 255; */
if (lifetime > 127) {
Show quoted text
>Audit-Trail:

State-Changed-From-To: open-closed
State-Changed-By: tytso
State-Changed-When: Thu Dec 5 23:19:33 1996
State-Changed-Why: problem closed, see pr#283

Show quoted text
>Unformatted: