Marc Richter <m...@marc-richter.info> writes: > your answer seems to have pointed me into the right direction: It > seems as if it stands in relation with the very large values I > assigned:
[...] > Not sure if this has to be classified as a bug or not now > ... normally, kadmin and kadmin.local should behave the same way, so > I'd say it is, even though the value I used is stupid, it shouldn't > lead to that behavior. I think this is probably a bug; I haven't figured out yet the best way to fix it because it's due to multiple pieces of code interacting badly. It might even count as multiple bugs. One possible source of confusion is that kadmind reports failure of the XDR functions in the RPC library as "communication failure". This failure happens because the pw_max_life field of the policy record is a long, and xdr_long() gets used to encode the value, but xdr_long() explicitly checks for a signed 32-bit value. The long type is 64 bits on amd64 Linux. Another contributing factor is that the code that stores the policy record into the KDB inconsistently uses xdr_u_int32() instead of xdr_long(). Thanks for the confirmation! ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
