git.ipfire.org Git - thirdparty/krb5.git/commit

author	Greg Hudson <ghudson@mit.edu>
	Sat, 19 Aug 2017 23:09:24 +0000 (19:09 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Tue, 22 Aug 2017 00:52:33 +0000 (20:52 -0400)
commit	09acbd91efc6df54e1572285ffc94c6acb3a9113
tree	d1ed39cf7bc396dbb3907bb9d183d519875fb1cb	tree
parent	d9e8bdc9858a1dbe135db2d12c70854ef1851ce8	commit \| diff

Fix bugs in kdcpolicy commit

Commit d0969f6a8170344031ef58fd2a161190f1edfb96 added tests using
"klist ccachname -e", which does not work with a POSIX-conformant
getopt() implementation such as the one in Solaris. Fix
t_kdcpolicy.py to use "klist -e ccachename" instead.

The tests could fail if the clock second rolled over between kinit and
kvno. Divide service ticket maximum lifetimes by 2 in the test module
to correctly exercise TGS policy restrictions and ensure that service
tickets are not constrained by the TGT end time.

Also use the correct trace macro when a kdcpolicy module declines to
initialize (my mistake when revising the commit, noted by rharwood).

ticket: 8606

src/kdc/policy.c		diff \| blob \| blame \| history
src/plugins/kdcpolicy/test/main.c		diff \| blob \| blame \| history
src/tests/t_kdcpolicy.py		diff \| blob \| blame \| history