+Mon Jun 5 14:14:10 EDT 1995 Paul Park (pjpark@mit.edu)
+ * srv_key.c(key_get_admin_entry) - When adding database entry for
+ changepw principal, supply a maximum life and maximum renewable
+ lifetime so that it doesn't end up being zero.
+
+
Thu Jun 1 14:34:41 EDT 1995 Paul Park (pjpark@mit.edu)
* srv_acl.c: Change default acl file name to be a #define. If it
is not defined, then default to /krb5/krb5_adm.acl.
#include "kadm5_defs.h"
#include "mit-des.h"
+/*
+ * These control the maximum [renewable] life of the changepw principal, if
+ * it is created by us.
+ */
+#define KEY_DEF_MAX_LIFE (2*60*60)
+#define KEY_DEF_MAX_RLIFE (2*60*60)
+
static const char *key_cpw_ufokey_fmt = "%s: no keys in database entry for %s.\n";
static const char *key_cpw_decerr_fmt = "%s: cannot decode keys for %s.\n";
static const char *key_add_cpw_err_fmt = "%s: cannot add entry for %s (%s).\n";
krb5_timeofday(kcontext, &madmin_entry.mod_date);
madmin_entry.last_pwd_change = madmin_entry.mod_date;
madmin_entry.mkvno = key_master_entry()->kvno;
+ madmin_entry.max_life = KEY_DEF_MAX_LIFE;
+ madmin_entry.max_renewable_life = KEY_DEF_MAX_RLIFE;
number_of_entries = 1;
/*
projects / krb5.git / commitdiff