* conv_creds.c (krb524_convert_creds_plain):

if the v5 lifetime is greater than the max v4 lifetime, use the max
v4 lifetime (0xff), rather than masking it with 0xff.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7671 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/krb524/ChangeLog b/src/krb524/ChangeLog
index 282941e2de4f82b3f3e79db8cfecc4402574b1db..c9e7f1b6e5218ae2b93919f5cb168e23f6046fb5 100644 (file)
--- a/src/krb524/ChangeLog
+++ b/src/krb524/ChangeLog
@@ -1,3 +1,9 @@
+Tue Mar 19 17:07:44 1996  Richard Basch  <basch@lehman.com>
+
+       * conv_creds.c (krb524_convert_creds_plain):
+       if the v5 lifetime is greater than the max v4 lifetime, use the max
+       v4 lifetime (0xff), rather than masking it with 0xff.
+
 Fri Jan 12 04:37:23 1996  Mark Eichin  <eichin@cygnus.com>
 
        * cnv_tkt_skey.c (krb524_convert_tkt_skey): rather than apply fit

diff --git a/src/krb524/conv_creds.c b/src/krb524/conv_creds.c
index 5ab295f2b988557a9d9031cf19f9286466455a05..5346f883da675dc0731ea42dce76a4a9d2492eb7 100644 (file)
--- a/src/krb524/conv_creds.c
+++ b/src/krb524/conv_creds.c
@@ -99,6 +99,7 @@ int krb524_convert_creds_plain(context, v5creds, v4creds)
 {
      unsigned long addr;
      int ret;
+     krb5_timestamp lifetime;
      
      memset((char *) v4creds, 0, sizeof(CREDENTIALS));
 
@@ -122,8 +123,10 @@ int krb524_convert_creds_plain(context, v5creds, v4creds)
 
      /* V4 has no concept of authtime or renew_till, so ignore them */
      /* V4 lifetime is 1 byte, in 5 minute increments */
-     v4creds->lifetime = 0xff &
+     lifetime = 
          ((v5creds->times.endtime - v5creds->times.starttime) / 300);
+     v4creds->lifetime =
+         ((lifetime > 0xff) ? 0xff : lifetime);
      v4creds->issue_date = v5creds->times.starttime;
 
      /* XXX perhaps we should use the addr of the client host if */