In kadmin, try using get_date() for lockout-related duration inputs to
authorGreg Hudson <ghudson@mit.edu>
Mon, 16 May 2011 03:54:16 +0000 (03:54 +0000)
committerGreg Hudson <ghudson@mit.edu>
Mon, 16 May 2011 03:54:16 +0000 (03:54 +0000)
modpol and addpol, but still allow bare numbers of seconds since
that's what we took in 1.8 and 1.9.  Use strdur() to display
lockout-related durations in getpol.  Reported by
shawn.emery@oracle.com.

ticket: 6911

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24931 dc483132-0cff-0310-8789-dd5450dbe970

src/kadmin/cli/kadmin.c

index ac08ffac0e641d7e105d72a7182bd8547b7f29da..05561b671bf9fdcd5355292f3321960354f8f22d 100644 (file)
@@ -38,6 +38,7 @@
 #include <errno.h>
 #include <stdio.h>
 #include <string.h>
+#include <ctype.h>
 #include <sys/types.h>
 #include <math.h>
 #include <unistd.h>
@@ -1607,7 +1608,12 @@ kadmin_parse_policy_args(int argc, char *argv[], kadm5_policy_ent_t policy,
             if (++i > argc - 2)
                 return -1;
             else {
-                policy->pw_failcnt_interval = atoi(argv[i]);
+                date = get_date(argv[i]);
+                /* Allow bare numbers for compatibility with 1.8-1.9. */
+                if (date == (time_t)-1 && isdigit(*argv[i]))
+                    policy->pw_failcnt_interval = atoi(argv[i]);
+                else
+                    policy->pw_failcnt_interval = date - now;
                 *mask |= KADM5_PW_FAILURE_COUNT_INTERVAL;
                 continue;
             }
@@ -1616,7 +1622,12 @@ kadmin_parse_policy_args(int argc, char *argv[], kadm5_policy_ent_t policy,
             if (++i > argc - 2)
                 return -1;
             else {
-                policy->pw_lockout_duration = atoi(argv[i]);
+                date = get_date(argv[i]);
+                /* Allow bare numbers for compatibility with 1.8-1.9. */
+                if (date == (time_t)-1 && isdigit(*argv[i]))
+                    policy->pw_lockout_duration = atoi(argv[i]);
+                else
+                    policy->pw_lockout_duration = date - now;
                 *mask |= KADM5_PW_LOCKOUT_DURATION;
                 continue;
             }
@@ -1734,10 +1745,10 @@ kadmin_getpol(int argc, char *argv[])
         printf("Reference count: %ld\n", policy.policy_refcnt);
         printf("Maximum password failures before lockout: %lu\n",
                (unsigned long)policy.pw_max_fail);
-        printf("Password failure count reset interval: %ld\n",
-               (long)policy.pw_failcnt_interval);
-        printf("Password lockout duration: %ld\n",
-               (long)policy.pw_lockout_duration);
+        printf("Password failure count reset interval: %s\n",
+               strdur(policy.pw_failcnt_interval));
+        printf("Password lockout duration: %s\n",
+               strdur(policy.pw_lockout_duration));
     } else {
         printf("\"%s\"\t%ld\t%ld\t%ld\t%ld\t%ld\t%ld\t%lu\t%ld\t%ld\n",
                policy.policy, policy.pw_max_life, policy.pw_min_life,