netbsd-bugs: security/9098: kinit kerberos lifetime calculates incrrectly

Subject: security/9098: kinit kerberos lifetime calculates incrrectly
To: None <gnats-bugs@gnats.netbsd.org>
From: Christian E. Hopps <chopps@scotch.merit.edu>
List: netbsd-bugs
Date: 01/01/2000 09:30:53

>Number:         9098
>Category:       security
>Synopsis:       kinit kerberos lifetime calculates incrrectly
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    security-officer (NetBSD Security Officer)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jan  1 09:30:01 2000
>Last-Modified:
>Originator:     Christian E. Hopps
>Organization:
None
>Release:        1.4.1
>Environment:
	
System: NetBSD scotch.merit.edu 1.4.1 NetBSD 1.4.1 (SCOTCH.v6) #0: Wed Nov 17 23:59:07 EST 1999 chopps@scotch.merit.edu:/hope/NetBSD/kame/netbsd/sys/arch/i386/compile/SCOTCH.v6 i386


>Description:

	kinit incorrectly calculates the lifetime for a ticket when
	specified by the user.

>How-To-Repeat:
	specify a ticket lifetime with kinit and then klist to see it
	has been set incorrectly.
>Fix:
	this patch appears to fix the problem:

Index: kinit.c
===================================================================
RCS file: /cvsroot/cryptosrc-us/crypto-us/usr.bin/kinit/kinit.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 kinit.c
--- kinit.c	1995/12/22 07:27:33	1.1.1.1
+++ kinit.c	2000/01/01 17:27:29
@@ -160,7 +160,7 @@
 	 if (lifetime < 5)
 	      lifetime = 1;
 	 else
-	      lifetime /= krb_time_to_life(0, lifetime*60);
+	      lifetime = krb_time_to_life(0, lifetime*60);
 	 /* This should be changed if the maximum ticket lifetime */
 	 /* changes */
 	 if (lifetime > 255)
>Audit-Trail:
>Unformatted: