From 5523d977815b063e513273daafcefd43e98b5eba Mon Sep 17 00:00:00 2001 From: Paul Park Date: Mon, 5 Jun 1995 18:27:57 +0000 Subject: [PATCH] Specify maxlife and maxrenewlife fields when creating changepw git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5948 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/v5server/ChangeLog | 6 ++++++ src/kadmin/v5server/srv_key.c | 9 +++++++++ 2 files changed, 15 insertions(+) diff --git a/src/kadmin/v5server/ChangeLog b/src/kadmin/v5server/ChangeLog index c1779510d..d357a39b4 100644 --- a/src/kadmin/v5server/ChangeLog +++ b/src/kadmin/v5server/ChangeLog @@ -1,4 +1,10 @@ +Mon Jun 5 14:14:10 EDT 1995 Paul Park (pjpark@mit.edu) + * srv_key.c(key_get_admin_entry) - When adding database entry for + changepw principal, supply a maximum life and maximum renewable + lifetime so that it doesn't end up being zero. + + Thu Jun 1 14:34:41 EDT 1995 Paul Park (pjpark@mit.edu) * srv_acl.c: Change default acl file name to be a #define. If it is not defined, then default to /krb5/krb5_adm.acl. diff --git a/src/kadmin/v5server/srv_key.c b/src/kadmin/v5server/srv_key.c index 875b1e96b..8dba7c375 100644 --- a/src/kadmin/v5server/srv_key.c +++ b/src/kadmin/v5server/srv_key.c @@ -31,6 +31,13 @@ #include "kadm5_defs.h" #include "mit-des.h" +/* + * These control the maximum [renewable] life of the changepw principal, if + * it is created by us. + */ +#define KEY_DEF_MAX_LIFE (2*60*60) +#define KEY_DEF_MAX_RLIFE (2*60*60) + static const char *key_cpw_ufokey_fmt = "%s: no keys in database entry for %s.\n"; static const char *key_cpw_decerr_fmt = "%s: cannot decode keys for %s.\n"; static const char *key_add_cpw_err_fmt = "%s: cannot add entry for %s (%s).\n"; @@ -202,6 +209,8 @@ key_get_admin_entry(kcontext) krb5_timeofday(kcontext, &madmin_entry.mod_date); madmin_entry.last_pwd_change = madmin_entry.mod_date; madmin_entry.mkvno = key_master_entry()->kvno; + madmin_entry.max_life = KEY_DEF_MAX_LIFE; + madmin_entry.max_renewable_life = KEY_DEF_MAX_RLIFE; number_of_entries = 1; /* -- 2.26.2