[2591] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

Re: pending/305: krb524: requests with multi-home machines and null-address creds

daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Thu Dec 19 00:06:54 1996

Date: Thu, 19 Dec 1996 00:06:39 -0500
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: krb5-bugs@MIT.EDU, "Richard Basch" <basch@lehman.com>
Cc: gnats-admin@RT-11.MIT.EDU, krb5-prs@RT-11.MIT.EDU
In-Reply-To: Richard Basch's message of Wed, 18 Dec 1996 23:42:01 -0500,
	<199612190442.XAA01322@rt-11.MIT.EDU>

For the record, the 1.0 release provides the maximum possible duration
for the V4 ticket lifetile.  However, it didn't adjust the algorithm
used for calculating the lifetime in the V4 credential (i.e., the field
which is displayed to the user).  So, for certain very long-lived
ticket, the klist display will be incorrect.

A similar bug (which is also present in your patch, Richard), is that
the algorithm in cnv_tkt_skey.c uses the CMU lifetime encoding hack,
whereas the code in conv_creds.c does not.

home help back first fref pref prev next nref lref last post