[krbdev.mit.edu #6283] At Login the client is setting the renew life time to 24 hours?

Thu Dec 4 13:40:54 EST 2008

diff -Nur -x '*~' -x '*.orig' -x '*.rej' -x '*.pbxbtree' -x '*.pbxindex' -x lha.mode1v3 -x lha.mode2v3 -x lha.pbxuser -x windows -x .DS_Store Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/kim/lib/kim_options.c Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/kim/lib/kim_options.c

--- Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/kim/lib/kim_options.c	2008-11-07 11:24:45.000000000 -0800
+++ Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/kim/lib/kim_options.c	2008-11-11 17:34:02.000000000 -0800
@@ -45,7 +45,7 @@
 0, 
 kim_default_lifetime, 
 kim_default_renewable, 
-kim_default_renewal_lifetime,
+0,
 kim_default_forwardable,
 kim_default_proxiable,
 kim_default_addressless,
@@ -488,8 +488,9 @@
     if (!err) {
         krb5_get_init_creds_opt_set_tkt_life (in_options->init_cred_options, 
                                               in_options->lifetime);
-        krb5_get_init_creds_opt_set_renew_life (in_options->init_cred_options, 
-                                                in_options->renewable ? in_options->renewal_lifetime : 0);
+	if (in_options->renewal_lifetime || in_options->renewable)
+	    krb5_get_init_creds_opt_set_renew_life (in_options->init_cred_options, 
+						    in_options->renewal_lifetime);
         krb5_get_init_creds_opt_set_forwardable (in_options->init_cred_options, 
                                                  in_options->forwardable);
         krb5_get_init_creds_opt_set_proxiable (in_options->init_cred_options, 
diff -Nur -x '*~' -x '*.orig' -x '*.rej' -x '*.pbxbtree' -x '*.pbxindex' -x lha.mode1v3 -x lha.mode2v3 -x lha.pbxuser -x windows -x .DS_Store Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/kim/lib/kim_preferences_private.h Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/kim/lib/kim_preferences_private.h
--- Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/kim/lib/kim_preferences_private.h	2008-11-07 11:24:45.000000000 -0800
+++ Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/kim/lib/kim_preferences_private.h	2008-11-11 17:33:14.000000000 -0800
@@ -52,7 +52,6 @@
 
 #define kim_default_lifetime                   10*60*60
 #define kim_default_renewable                  TRUE
-#define kim_default_renewal_lifetime           7*24*60*60
 #define kim_default_forwardable                TRUE
 #define kim_default_proxiable                  TRUE
 #define kim_default_addressless                TRUE
diff -Nur -x '*~' -x '*.orig' -x '*.rej' -x '*.pbxbtree' -x '*.pbxindex' -x lha.mode1v3 -x lha.mode2v3 -x lha.pbxuser -x windows -x .DS_Store Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/lib/krb5/krb/get_in_tkt.c Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/lib/krb5/krb/get_in_tkt.c
--- Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/lib/krb5/krb/get_in_tkt.c	2008-11-07 11:25:56.000000000 -0800
+++ Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/lib/krb5/krb/get_in_tkt.c	2008-11-11 18:20:20.000000000 -0800
@@ -1026,7 +1026,7 @@
     } else {
 	renew_life = 0;
     }
-    if (renew_life > 0)
+    if (renew_life > 0 || (options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE))
 	request.kdc_options |= KDC_OPT_RENEWABLE;
     
     if (renew_life > 0) {


