[krbdev.mit.edu #9071] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Wed Sep 28 01:47:15 EDT 2022
Wed Sep 28 01:47:15 2022: Request 9071 was acted upon.
Transaction: Ticket created by ghudson at mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson at mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9071 >
Add and use ts_interval() helper
ts_delta() returns a signed result, which cannot hold an interval
larger than 2^31-1 seconds. Intervals like this have been seen when
admins set password expiration dates more than 68 years in the future.
Add a second helper ts_interval() which returns an unsigned result,
and has the arguments reversed so that the start time is first. Use
it in warn_pw_expiry() to handle the password expiration case, in the
GSS krb5 mech where we return an unsigned context or credential
lifetime to the caller, and in the KEYRING ccache type where we
compute an unsigned keyring timeout.
https://github.com/krb5/krb5/commit/29600cf1db888d91c42cbd6cf72652afe8c1ee66
Author: Greg Hudson <ghudson at mit.edu>
Commit: 29600cf1db888d91c42cbd6cf72652afe8c1ee66
Branch: master
src/include/k5-int.h | 9 +++++++++
src/lib/gssapi/krb5/accept_sec_context.c | 10 ++++++----
src/lib/gssapi/krb5/acquire_cred.c | 3 +--
src/lib/gssapi/krb5/context_time.c | 20 ++++++--------------
src/lib/gssapi/krb5/init_sec_context.c | 4 ++--
src/lib/gssapi/krb5/inq_context.c | 11 ++++-------
src/lib/gssapi/krb5/inq_cred.c | 2 +-
src/lib/gssapi/krb5/s4u_gss_glue.c | 2 +-
src/lib/krb5/ccache/cc_keyring.c | 4 ++--
src/lib/krb5/krb/get_in_tkt.c | 15 +++++++--------
10 files changed, 39 insertions(+), 41 deletions(-)
More information about the krb5-bugs
mailing list