Correctly set the expiration field of impersonated credentials in

author Greg Hudson <ghudson@mit.edu>

Mon, 25 Apr 2011 22:01:47 +0000 (22:01 +0000)

committer Greg Hudson <ghudson@mit.edu>

Mon, 25 Apr 2011 22:01:47 +0000 (22:01 +0000)
author Greg Hudson <ghudson@mit.edu>
Mon, 25 Apr 2011 22:01:47 +0000 (22:01 +0000)
committer Greg Hudson <ghudson@mit.edu>
Mon, 25 Apr 2011 22:01:47 +0000 (22:01 +0000)
diff --git a/src/lib/gssapi/krb5/s4u_gss_glue.c b/src/lib/gssapi/krb5/s4u_gss_glue.c

index cf9562c99664947aff7e7720fe8f21811f728074..8406c3df920ec63d2acacf2a514f75a9f208f75b 100644 (file)
--- a/src/lib/gssapi/krb5/s4u_gss_glue.c
+++ b/src/lib/gssapi/krb5/s4u_gss_glue.c
@@ -218,7 +218,7 @@ kg_compose_deleg_cred(OM_uint32 *minor_status,
      cred->usage = GSS_C_INITIATE;
      cred->proxy_cred = !!(subject_creds->ticket_flags & TKT_FLG_FORWARDABLE);
  
-    cred->tgt_expire = impersonator_cred->tgt_expire;
+    cred->tgt_expire = subject_creds->times.endtime;
  
      code = kg_init_name(context, subject_creds->client, NULL, NULL, NULL, 0,
                          &cred->name);
author	Greg Hudson <ghudson@mit.edu>
	Mon, 25 Apr 2011 22:01:47 +0000 (22:01 +0000)
committer	Greg Hudson <ghudson@mit.edu>
	Mon, 25 Apr 2011 22:01:47 +0000 (22:01 +0000)