From c7d73cf51642c7f89c1f21e54b8ce1b262bef899 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Mon, 8 Nov 2010 18:25:56 +0100
Subject: Add krb5_lifetime option

---
 src/providers/krb5/krb5_child.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'src/providers/krb5/krb5_child.c')

diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index 2a2ed9b4..f29869bc 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -1179,8 +1179,22 @@ static int krb5_child_setup(struct krb5_req *kr, uint32_t offline)
         krb5_get_init_creds_opt_set_renew_life(kr->options, lifetime);
     }
 
+    lifetime_str = getenv(SSSD_KRB5_LIFETIME);
+    if (lifetime_str == NULL) {
+        DEBUG(7, ("Cannot read [%s] from environment.\n",
+                  SSSD_KRB5_LIFETIME));
+    } else {
+        kerr = krb5_string_to_deltat(lifetime_str, &lifetime);
+        if (kerr != 0) {
+            DEBUG(1, ("krb5_string_to_deltat failed for [%s].\n",
+                      lifetime_str));
+            KRB5_DEBUG(1, kerr);
+            goto failed;
+        }
+        krb5_get_init_creds_opt_set_tkt_life(kr->options, lifetime);
+    }
+
 /* TODO: set options, e.g.
- *  krb5_get_init_creds_opt_set_tkt_life
  *  krb5_get_init_creds_opt_set_forwardable
  *  krb5_get_init_creds_opt_set_proxiable
  *  krb5_get_init_creds_opt_set_etype_list
-- 
cgit