From tlyu@MIT.EDU Tue Sep 24 19:26:35 1996
Received: from dragons-lair.MIT.EDU (DRAGONS-LAIR.MIT.EDU [18.177.1.200]) by avalanche-breakdown.MIT.EDU (8.7.5/8.7.3) with SMTP id TAA20277 for <bugs@AVALANCHE-BREAKDOWN.MIT.EDU>; Tue, 24 Sep 1996 19:26:34 -0400
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by dragons-lair.MIT.EDU (8.6.13/8.6.9) with SMTP id TAA13574 for <krb5-bugs@dragons-lair.mit.edu>; Tue, 24 Sep 1996 19:26:33 -0400
Received: from TESLA-COIL.MIT.EDU by MIT.EDU with SMTP
id AA19090; Tue, 24 Sep 96 19:26:33 EDT
Received: by tesla-coil.MIT.EDU (5.x/4.7) id AA28026; Tue, 24 Sep 1996 19:26:32 -0400
Message-Id: <9609242326.AA28026@tesla-coil.MIT.EDU>
Date: Tue, 24 Sep 1996 19:26:32 -0400
From: tlyu@MIT.EDU
Reply-To: tlyu@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: Bug in lifetime handling in krb524d
X-Send-Pr-Version: 3.99
System: SunOS tesla-coil 5.4 Generic_101945-37 sun4m sparc
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
I noticed today that krb524d has a problem when calculating ticket lifetime.
It uses the current time and subtracts the expiration time to get the
V4 ticket lifetime, instead of the start time. This is fine if you get your
V4 tickets right when you get your V5 tickets, but it doesn't work if you get
your V4 tickets later than your start time.
--- src/krb524/cnv_tkt_skey.c.orig Mon Aug 26 18:42:51 1996
+++ src/krb524/cnv_tkt_skey.c Mon Aug 26 18:43:31 1996
@@ -111,7 +111,7 @@
}
if ( (server_time+context->clockskew >= v5etkt->times.starttime)
&& (server_time-context->clockskew <= v5etkt->times.endtime)) {
- deltatime = v5etkt->times.endtime - (server_time-context->clockskew);
+ deltatime = v5etkt->times.endtime - v5etkt->times.starttime;
lifetime = deltatime / 300;
/* if (lifetime > 255) lifetime = 255; */
if (lifetime > 127) {
State-Changed-From-To: open-closed
State-Changed-By: tytso
State-Changed-When: Thu Dec 5 23:19:33 1996
State-Changed-Why: problem closed, see pr#283
Received: from dragons-lair.MIT.EDU (DRAGONS-LAIR.MIT.EDU [18.177.1.200]) by avalanche-breakdown.MIT.EDU (8.7.5/8.7.3) with SMTP id TAA20277 for <bugs@AVALANCHE-BREAKDOWN.MIT.EDU>; Tue, 24 Sep 1996 19:26:34 -0400
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by dragons-lair.MIT.EDU (8.6.13/8.6.9) with SMTP id TAA13574 for <krb5-bugs@dragons-lair.mit.edu>; Tue, 24 Sep 1996 19:26:33 -0400
Received: from TESLA-COIL.MIT.EDU by MIT.EDU with SMTP
id AA19090; Tue, 24 Sep 96 19:26:33 EDT
Received: by tesla-coil.MIT.EDU (5.x/4.7) id AA28026; Tue, 24 Sep 1996 19:26:32 -0400
Message-Id: <9609242326.AA28026@tesla-coil.MIT.EDU>
Date: Tue, 24 Sep 1996 19:26:32 -0400
From: tlyu@MIT.EDU
Reply-To: tlyu@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: Bug in lifetime handling in krb524d
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 22
>Category: krb5-kdc
>Synopsis: Bug in lifetime handling in krb524d
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Sep e 19:30:01 EDT 1996
>Last-Modified: Thu Dec 05 23:27:50 EST 1996
>Originator: Tom Yu
>Organization:
mit>Category: krb5-kdc
>Synopsis: Bug in lifetime handling in krb524d
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Sep e 19:30:01 EDT 1996
>Last-Modified: Thu Dec 05 23:27:50 EST 1996
>Originator: Tom Yu
>Organization:
Show quoted text
>Release: unknown-1.0
>Environment:
>Environment:
System: SunOS tesla-coil 5.4 Generic_101945-37 sun4m sparc
Show quoted text
>Description:
Date: Mon, 26 Aug 1996 18:54:08 -0400From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
I noticed today that krb524d has a problem when calculating ticket lifetime.
It uses the current time and subtracts the expiration time to get the
V4 ticket lifetime, instead of the start time. This is fine if you get your
V4 tickets right when you get your V5 tickets, but it doesn't work if you get
your V4 tickets later than your start time.
Show quoted text
>How-To-Repeat:
Show quoted text
>Fix:
(from kenh)--- src/krb524/cnv_tkt_skey.c.orig Mon Aug 26 18:42:51 1996
+++ src/krb524/cnv_tkt_skey.c Mon Aug 26 18:43:31 1996
@@ -111,7 +111,7 @@
}
if ( (server_time+context->clockskew >= v5etkt->times.starttime)
&& (server_time-context->clockskew <= v5etkt->times.endtime)) {
- deltatime = v5etkt->times.endtime - (server_time-context->clockskew);
+ deltatime = v5etkt->times.endtime - v5etkt->times.starttime;
lifetime = deltatime / 300;
/* if (lifetime > 255) lifetime = 255; */
if (lifetime > 127) {
Show quoted text
>Audit-Trail:
State-Changed-From-To: open-closed
State-Changed-By: tytso
State-Changed-When: Thu Dec 5 23:19:33 1996
State-Changed-Why: problem closed, see pr#283
Show quoted text
>Unformatted: