[SSSD] [sssd PR#904][opened] KCM: Set kdc_offset to zero initially

Wed, 16 Oct 2019 13:21:48 -0700 

   URL: https://github.com/SSSD/sssd/pull/904
Author: jhrozek
 Title: #904: KCM: Set kdc_offset to zero initially
Action: opened

PR body:
"""
Resolves: https://pagure.io/SSSD/sssd/issue/4100

KCM assumed that the client library would always set the KDC offset, but 
that's not always the case, especially when using multiple krb contexts 
from the client application:
   https://bugzilla.redhat.com/show_bug.cgi?id=1757224#c64

Heimdal also creates ccaches with zero kdc_offset:
  
https://github.com/heimdal/heimdal/commit/9f58896af958ae5e6e3ebde8c48dad4eda841986
 
so we should do the same..
"""

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/904/head:pr904
git checkout pr904

From 8b20ea96054165167e4cf53b5a838b11f590bc32 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Fri, 11 Oct 2019 09:20:20 +0200
Subject: [PATCH] KCM: Set kdc_offset to zero initially

Resolves: https://pagure.io/SSSD/sssd/issue/4100

KCM assumed that the client library would always set the KDC offset, but
that's not always the case, especially when using multiple krb contexts
from the client application:
    https://bugzilla.redhat.com/show_bug.cgi?id=1757224#c64

Heimdal also creates ccaches with zero kdc_offset:
    https://github.com/heimdal/heimdal/commit/9f58896af958ae5e6e3ebde8c48dad4eda841986
so we should do the same..
---
 src/responder/kcm/kcmsrv_ccache.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/responder/kcm/kcmsrv_ccache.c b/src/responder/kcm/kcmsrv_ccache.c
index e24da9aa25..66e2752ba7 100644
--- a/src/responder/kcm/kcmsrv_ccache.c
+++ b/src/responder/kcm/kcmsrv_ccache.c
@@ -82,7 +82,7 @@ errno_t kcm_cc_new(TALLOC_CTX *mem_ctx,
 
     cc->owner.uid = cli_creds_get_uid(owner);
     cc->owner.gid = cli_creds_get_gid(owner);
-    cc->kdc_offset = INT32_MAX;
+    cc->kdc_offset = 0;
 
     talloc_set_destructor(cc, kcm_cc_destructor);
     *_cc = cc;

_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

Reply via email to