krb5 commit: Fix renew_until check for auto-renewal
Benjamin Kaduk
kaduk at MIT.EDU
Wed Aug 29 14:55:58 EDT 2012
https://github.com/krb5/krb5/commit/95c89d4c738df9be8e60215e4a883794d4b7b15c
commit 95c89d4c738df9be8e60215e4a883794d4b7b15c
Author: Kevin Wasserman <kevin.wasserman at painless-security.com>
Date: Mon Jul 30 16:30:34 2012 -0400
Fix renew_until check for auto-renewal
This was completely wrong, but only caused a severe problem on 64 bit
builds. On 32 bit builds the result was effectively always 'success',
so it would always attempt to renew even if there was not sufficient time
left in the renewable lifetime. This did not have much observable
adverse effect. But on 64 bit builds it always failed and so never
attempted renewal.
Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
ticket: 7326 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
src/windows/leash/LeashView.cpp | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/windows/leash/LeashView.cpp b/src/windows/leash/LeashView.cpp
index c7cfdc3..eedc5a2 100644
--- a/src/windows/leash/LeashView.cpp
+++ b/src/windows/leash/LeashView.cpp
@@ -2558,7 +2558,7 @@ BOOL CLeashView::PreTranslateMessage(MSG* pMsg)
#ifndef NO_KRB5
if ( m_ticketStatusKrb5 == TWENTY_MINUTES_LEFT &&
m_autoRenewTickets && !m_autoRenewalAttempted && ticketinfo.Krb5.renew_until &&
- (ticketinfo.Krb5.issued + ticketinfo.Krb5.renew_until - LeashTime() > 20 * 60))
+ (ticketinfo.Krb5.renew_until - LeashTime() > 20 * 60))
{
m_autoRenewalAttempted = 1;
ReleaseMutex(ticketinfo.lockObj);
More information about the cvs-krb5
mailing list