[2196] in Kerberos-V5-bugs
Bug in leap year calculation
daemon@ATHENA.MIT.EDU (Larry V. Streepy, Jr.)
Fri Aug 30 21:59:52 1996
Date: Fri, 30 Aug 1996 19:58:25 -0600
From: "Larry V. Streepy, Jr." <streepy@healthcare.com>
To: krb5-bugs@MIT.EDU
I can't believe that I am the first person to find this, but it seems
like an extremely obvious bug.
This is all with the latest download of krb5
When I do a kinit I get the error:
kinit: KDC reply did not match expectations while getting initial
credentials
After some debugging, the problem codes from the "endtime" value in the
returned AS reply being larger than the endtime in the request. After
more digging it became obvious that these values were off by exactly
86400 seconds (1 day).
When the kdc encodes the value 841541832 it gets "19960901013712Z".
When kinit decodes this strng it produces 841628232; exactly 1 day off.
After still more digging, I ended up in the gmt_mktime function which
appears to be screwing up the leap year additions. The code:
/* add in leap day for all previous years */
accum += (t->tm_year - 68) / 4;
/* add in leap day for this year */
if(t->tm_mon >= 2) /* march or later */
if(hasleapday(t->tm_year)) accum += 1;
This seems to account for the current leap year *twice*. For years less
than 2000, the simple (year-68)/4 is sufficient.
Am I totally in the weeds here? Or is this what's really going on?
--
Larry V. Streepy, Jr.
V.P. of Technology, Healthcare Communications, Inc.
mailto:streepy@healthcare.com
(214) 851-7033 (Dallas Main #)
(970) 626-5028 (My office #)
