[prev in list] [next in list] [prev in thread] [next in thread]
List: krb5-bugs
Subject: [krbdev.mit.edu #8609] git commit
From: "Greg Hudson via RT" <rt-comment () krbdev ! mit ! edu>
Date: 2017-08-31 4:28:55
Message-ID: rt-8609-47599.4.73812728731239 () krbdev ! mit ! edu
[Download RAW message or body]
Issue trivially renewable tickets
If the client specifically asks for renewable tickets but the
renewable end time (either requested or after restrictions) doesn't
exceed the ticket end time, issue a renewable ticket anyway. Issuing
a non-renewable ticket (as we started doing in release 1.12, due to
the refactoring in commit 4f551a7ec126c52ee1f8fea4c3954015b70987bd)
can be unfriendly to scripts.
Also make sure never to issue a ticket with the renewable flag set but
no renew-till field, by clearing the renewable flag at the start of
kdc_get_ticket_renewtime(). The flag could have been previously set
by the assignment "enc_tkt_reply = *(header_ticket->enc_part2)" in
process_tgs_req() when processing a renewal request.
Modify t_renew.py to expect renewable tickets in some tests where it
previously did not, to check for specific lifetimes, and to check the
renewable flag as well as the renewable lifetime.
https://github.com/krb5/krb5/commit/45c19b19ea4d47ac5969a9cbdb308201b16615d8
Author: Greg Hudson <ghudson@mit.edu>
Commit: 45c19b19ea4d47ac5969a9cbdb308201b16615d8
Branch: master
src/kdc/kdc_util.c | 15 ++++++----
src/tests/t_renew.py | 71 +++++++++++++++++++++++++++++++++++---------------
2 files changed, 59 insertions(+), 27 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic