From: | ghudson@mit.edu |
Subject: | git commit |
Add and use ts_interval() helper
ts_delta() returns a signed result, which cannot hold an interval
larger than 2^31-1 seconds. Intervals like this have been seen when
admins set password expiration dates more than 68 years in the future.
Add a second helper ts_interval() which returns an unsigned result,
and has the arguments reversed so that the start time is first. Use
it in warn_pw_expiry() to handle the password expiration case, in the
GSS krb5 mech where we return an unsigned context or credential
lifetime to the caller, and in the KEYRING ccache type where we
compute an unsigned keyring timeout.
https://github.com/krb5/krb5/commit/29600cf1db888d91c42cbd6cf72652afe8c1ee66
Author: Greg Hudson <ghudson@mit.edu>
Commit: 29600cf1db888d91c42cbd6cf72652afe8c1ee66
Branch: master
src/include/k5-int.h | 9 +++++++++
src/lib/gssapi/krb5/accept_sec_context.c | 10 ++++++----
src/lib/gssapi/krb5/acquire_cred.c | 3 +--
src/lib/gssapi/krb5/context_time.c | 20 ++++++--------------
src/lib/gssapi/krb5/init_sec_context.c | 4 ++--
src/lib/gssapi/krb5/inq_context.c | 11 ++++-------
src/lib/gssapi/krb5/inq_cred.c | 2 +-
src/lib/gssapi/krb5/s4u_gss_glue.c | 2 +-
src/lib/krb5/ccache/cc_keyring.c | 4 ++--
src/lib/krb5/krb/get_in_tkt.c | 15 +++++++--------
10 files changed, 39 insertions(+), 41 deletions(-)