[1142] in Kerberos_V5_Development
getdate.y loses on integers
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Wed May 8 15:01:21 1996
Date: Wed, 8 May 96 15:00:50 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: krbdev@MIT.EDU
secure_admin_cli (to be kadmin) uses a public-domain program called
getdate (a yacc script) to parse English dates into timestamps. If
you give it just an integer, it parses it as hh:mm:ss with the hh:mm
part missing, which ends up being interpreted as "that many seconds
from the start of *today*" which of course is a negative number. For
example,
secure_admin_cli.local: modpol -maxlife 0 default
secure_admin_cli.local: getpol default
Policy: default
Maximum password life: -57425
Minimum password life: 0
Minimum password length: 1
Minimum number of password character classes: 1
Number of old keys kept: 1
Reference count: 0
% date
Wed May 8 14:57:15 EDT 1996
Notice that 57425 is approximately the number of seconds since
midnight.
If getdate is given a relative specifier, everything works fine:
secure_admin_cli.local: modpol -maxlife "0 seconds" default
secure_admin_cli.local: getpol default
Policy: default
Maximum password life: 0
Minimum password life: 0
Minimum password length: 1
Minimum number of password character classes: 1
Number of old keys kept: 1
Reference count: 0
secure_admin_cli.local: modpol -maxlife "2 months" default
secure_admin_cli.local: getpol default
Policy: default
Maximum password life: 5270400
Minimum password life: 0
Minimum password length: 1
Minimum number of password character classes: 1
Number of old keys kept: 1
Reference count: 0
However, a number of users will probably realize that the values are
being interpreted as seconds, and to save typing will enter a value as
an integer, and get totally unexpected results. We should fix this.
Barry
