[1914] in Kerberos-V5-bugs
[daemon@ATHENA.MIT.EDU : getdate.y loses on integers]
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Thu May 9 17:42:19 1996
Date: Thu, 9 May 1996 17:42:08 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: krb5-bugs@MIT.EDU
I meant to send this to bugs, not krbdev.
------- Forwarded transaction
[1142] daemon@ATHENA.MIT.EDU (Barry Jaspan) Kerberos_V5_Development 05/08/96 15:01 (55 lines)
Subject: getdate.y loses on integers
Date: Wed, 8 May 96 15:00:50 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: krbdev@MIT.EDU
secure_admin_cli (to be kadmin) uses a public-domain program called
getdate (a yacc script) to parse English dates into timestamps. If
you give it just an integer, it parses it as hh:mm:ss with the hh:mm
part missing, which ends up being interpreted as "that many seconds
from the start of *today*" which of course is a negative number. For
example,
secure_admin_cli.local: modpol -maxlife 0 default
secure_admin_cli.local: getpol default
Policy: default
Maximum password life: -57425
Minimum password life: 0
Minimum password length: 1
Minimum number of password character classes: 1
Number of old keys kept: 1
Reference count: 0
% date
Wed May 8 14:57:15 EDT 1996
Notice that 57425 is approximately the number of seconds since
midnight.
If getdate is given a relative specifier, everything works fine:
secure_admin_cli.local: modpol -maxlife "0 seconds" default
secure_admin_cli.local: getpol default
Policy: default
Maximum password life: 0
Minimum password life: 0
Minimum password length: 1
Minimum number of password character classes: 1
Number of old keys kept: 1
Reference count: 0
secure_admin_cli.local: modpol -maxlife "2 months" default
secure_admin_cli.local: getpol default
Policy: default
Maximum password life: 5270400
Minimum password life: 0
Minimum password length: 1
Minimum number of password character classes: 1
Number of old keys kept: 1
Reference count: 0
However, a number of users will probably realize that the values are
being interpreted as seconds, and to save typing will enter a value as
an integer, and get totally unexpected results. We should fix this.
Barry
--[1142]--
------- End forwarded transaction
