From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 25 Apr 2011 22:01:47 +0000 (+0000)
Subject: Correctly set the expiration field of impersonated credentials in
X-Git-Tag: krb5-1.10-alpha1~452
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d3755d5e0f9e7a7864377333cfccdf1a8a3ecc30;p=thirdparty%2Fkrb5.git

Correctly set the expiration field of impersonated credentials in
kg_compose_deleg_cred(), so we can find them in the cache in
init_sec_context.  From aberry@likewise.com.

ticket: 6902

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24900 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/gssapi/krb5/s4u_gss_glue.c b/src/lib/gssapi/krb5/s4u_gss_glue.c
index cf9562c996..8406c3df92 100644
--- a/src/lib/gssapi/krb5/s4u_gss_glue.c
+++ b/src/lib/gssapi/krb5/s4u_gss_glue.c
@@ -218,7 +218,7 @@ kg_compose_deleg_cred(OM_uint32 *minor_status,
     cred->usage = GSS_C_INITIATE;
     cred->proxy_cred = !!(subject_creds->ticket_flags & TKT_FLG_FORWARDABLE);
 
-    cred->tgt_expire = impersonator_cred->tgt_expire;
+    cred->tgt_expire = subject_creds->times.endtime;
 
     code = kg_init_name(context, subject_creds->client, NULL, NULL, NULL, 0,
                         &cred->name);