[26945] in CVS-changelog-for-Kerberos-V5

home help back first fref pref prev next nref lref last post

krb5 commit: Fix renew_until check for auto-renewal

daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Wed Aug 29 14:56:32 2012

Date: Wed, 29 Aug 2012 14:55:58 -0400
From: Benjamin Kaduk <kaduk@mit.edu>
Message-Id: <201208291855.q7TItwPX016128@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/95c89d4c738df9be8e60215e4a883794d4b7b15c
commit 95c89d4c738df9be8e60215e4a883794d4b7b15c
Author: Kevin Wasserman <kevin.wasserman@painless-security.com>
Date:   Mon Jul 30 16:30:34 2012 -0400

    Fix renew_until check for auto-renewal
    
    This was completely wrong, but only caused a severe problem on 64 bit
    builds. On 32 bit builds the result was effectively always 'success',
    so it would always attempt to renew even if there was not sufficient time
    left in the renewable lifetime. This did not have much observable
    adverse effect. But on 64 bit builds it always failed and so never
    attempted renewal.
    
    Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
    
    ticket: 7326 (new)
    queue: kfw
    target_version: 1.10.4
    tags: pullup

 src/windows/leash/LeashView.cpp |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/windows/leash/LeashView.cpp b/src/windows/leash/LeashView.cpp
index c7cfdc3..eedc5a2 100644
--- a/src/windows/leash/LeashView.cpp
+++ b/src/windows/leash/LeashView.cpp
@@ -2558,7 +2558,7 @@ BOOL CLeashView::PreTranslateMessage(MSG* pMsg)
 #ifndef NO_KRB5
             if ( m_ticketStatusKrb5 == TWENTY_MINUTES_LEFT &&
                  m_autoRenewTickets && !m_autoRenewalAttempted && ticketinfo.Krb5.renew_until &&
-                 (ticketinfo.Krb5.issued + ticketinfo.Krb5.renew_until - LeashTime() > 20 * 60))
+                 (ticketinfo.Krb5.renew_until - LeashTime() > 20 * 60))
             {
                 m_autoRenewalAttempted = 1;
                 ReleaseMutex(ticketinfo.lockObj);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
home help back first fref pref prev next nref lref last post