From c8b8901b05da9e31dba320f305ec20301e928cfb Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Mon, 8 Nov 2010 16:00:57 +0100 Subject: Add krb5_renewable_lifetime option --- src/providers/krb5/krb5_common.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to 'src/providers/krb5/krb5_common.c') diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c index bf47dcc4..1a62bbe3 100644 --- a/src/providers/krb5/krb5_common.c +++ b/src/providers/krb5/krb5_common.c @@ -40,7 +40,8 @@ struct dp_option default_krb5_opts[] = { { "krb5_keytab", DP_OPT_STRING, { "/etc/krb5.keytab" }, NULL_STRING }, { "krb5_validate", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, { "krb5_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING }, - { "krb5_store_password_if_offline", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE } + { "krb5_store_password_if_offline", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, + { "krb5_renewable_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING } }; errno_t check_and_export_options(struct dp_option *opts, @@ -49,6 +50,8 @@ errno_t check_and_export_options(struct dp_option *opts, int ret; const char *realm; const char *dummy; + char *str; + krb5_deltat lifetime; realm = dp_opt_get_cstring(opts, KRB5_REALM); if (realm == NULL) { @@ -66,6 +69,25 @@ errno_t check_and_export_options(struct dp_option *opts, SSSD_KRB5_REALM)); } + str = dp_opt_get_string(opts, KRB5_RENEWABLE_LIFETIME); + if (str == NULL) { + DEBUG(5, ("No renewable lifetime configured.\n")); + } else { + ret = krb5_string_to_deltat(str, &lifetime); + if (ret != 0) { + DEBUG(1, ("Invalid value [%s] for krb5_renewable_lifetime.\n", + str)); + return EINVAL; + } + + ret = setenv(SSSD_KRB5_RENEWABLE_LIFETIME, str, 1); + if (ret != EOK) { + DEBUG(2, ("setenv [%s] failed.\n", + SSSD_KRB5_RENEWABLE_LIFETIME)); + return ret; + } + } + dummy = dp_opt_get_cstring(opts, KRB5_KDC); if (dummy == NULL) { DEBUG(1, ("No KDC explicitly configured, using defaults.\n")); -- cgit