krb5_string_to_deltat
Alexandra Ellwood
lxs at MIT.EDU
Tue Sep 21 14:16:49 EDT 2004
On Sep 21, 2004, at 1:57 PM, Tom Yu wrote:
>>>>>> "kwc" == Kevin Coffman <kwc at citi.umich.edu> writes:
>
> kwc> While testing the new gssrpc code, I've run into a situation with
> kwc> krb5_string_to_deltat() not liking my krb5.conf setting of
> kwc> ticket_lifetime. My original krb5.conf has:
>
> kwc> ticket_lifetime = 604800
>
> kwc> The cvs-current code returns EINVAL for this, but likes "604800s"
> (or
> kwc> "100h", or "7d").
>
> I don't know of anything that would cause such a change. Did the bare
> integer ever work? On what release did it last work?
> krb5_string_to_deltat() has used the bison grammar for quite some
> time... I think since krb5-1.1. Prior to that, I think there was a
> hand-coded parser.
The short answer is: "ticket_lifetime = 604800" was never being read in
stock MIT Kerberos, and thus the syntax error was not being reported.
I checked in a change to the trunk a little over a month ago to fix
this deficiency. krb5-1.4 will be the first release to support this
libdefault.
See MIT Kerberos bug #2656 for more information.
It is possible that sites have local patches to krb5-1.3.x and earlier
which enable this libdefault and do not use krb5_string_to_deltat() to
read it. If so, then the format of the lifetime will change if the
site does not reapply their patches.
Hope this helps,
--lxs
-----------------------------------------------------------------------
Alexandra Ellwood <lxs at mit.edu>
Kerberos Development Team
MIT Information Services & Technology
<http://mit.edu/lxs/www>
-----------------------------------------------------------------------
More information about the krbdev
mailing list