| 1 | /* |
| 2 | * Ticket lifetime. This defines the table used to lookup lifetime |
| 3 | * for the fixed part of rande of the one byte lifetime field. Values |
| 4 | * less than 0x80 are intrpreted as the number of 5 minute intervals. |
| 5 | * Values from 0x80 to 0xBF should be looked up in this table. The |
| 6 | * value of 0x80 is the same using both methods: 10 and two-thirds |
| 7 | * hours . The lifetime of 0xBF is 30 days. The intervening values |
| 8 | * of have a fixed ratio of roughly 1.06914. The value 0xFF is |
| 9 | * defined to mean a ticket has no expiration time. This should be |
| 10 | * used advisedly since individual servers may impose defacto |
| 11 | * upperbounds on ticket lifetimes. |
| 12 | */ |
| 13 | |
| 14 | #define TKTLIFENUMFIXED 64 |
| 15 | #define TKTLIFEMINFIXED 0x80 |
| 16 | #define TKTLIFEMAXFIXED 0xBF |
| 17 | #define TKTLIFENOEXPIRE 0xFF |
| 18 | #define MAXTKTLIFETIME (30*24*3600) /* 30 days */ |
| 19 | #ifndef NEVERDATE |
| 20 | #define NEVERDATE ((unsigned long)-1L) |
| 21 | #endif |
| 22 | |
| 23 | static int tkt_lifetimes[TKTLIFENUMFIXED] = { |
| 24 | 38400, /* 10.67 hours, 0.44 days */ |
| 25 | 41055, /* 11.40 hours, 0.48 days */ |
| 26 | 43894, /* 12.19 hours, 0.51 days */ |
| 27 | 46929, /* 13.04 hours, 0.54 days */ |
| 28 | 50174, /* 13.94 hours, 0.58 days */ |
| 29 | 53643, /* 14.90 hours, 0.62 days */ |
| 30 | 57352, /* 15.93 hours, 0.66 days */ |
| 31 | 61318, /* 17.03 hours, 0.71 days */ |
| 32 | 65558, /* 18.21 hours, 0.76 days */ |
| 33 | 70091, /* 19.47 hours, 0.81 days */ |
| 34 | 74937, /* 20.82 hours, 0.87 days */ |
| 35 | 80119, /* 22.26 hours, 0.93 days */ |
| 36 | 85658, /* 23.79 hours, 0.99 days */ |
| 37 | 91581, /* 25.44 hours, 1.06 days */ |
| 38 | 97914, /* 27.20 hours, 1.13 days */ |
| 39 | 104684, /* 29.08 hours, 1.21 days */ |
| 40 | 111922, /* 31.09 hours, 1.30 days */ |
| 41 | 119661, /* 33.24 hours, 1.38 days */ |
| 42 | 127935, /* 35.54 hours, 1.48 days */ |
| 43 | 136781, /* 37.99 hours, 1.58 days */ |
| 44 | 146239, /* 40.62 hours, 1.69 days */ |
| 45 | 156350, /* 43.43 hours, 1.81 days */ |
| 46 | 167161, /* 46.43 hours, 1.93 days */ |
| 47 | 178720, /* 49.64 hours, 2.07 days */ |
| 48 | 191077, /* 53.08 hours, 2.21 days */ |
| 49 | 204289, /* 56.75 hours, 2.36 days */ |
| 50 | 218415, /* 60.67 hours, 2.53 days */ |
| 51 | 233517, /* 64.87 hours, 2.70 days */ |
| 52 | 249664, /* 69.35 hours, 2.89 days */ |
| 53 | 266926, /* 74.15 hours, 3.09 days */ |
| 54 | 285383, /* 79.27 hours, 3.30 days */ |
| 55 | 305116, /* 84.75 hours, 3.53 days */ |
| 56 | 326213, /* 90.61 hours, 3.78 days */ |
| 57 | 348769, /* 96.88 hours, 4.04 days */ |
| 58 | 372885, /* 103.58 hours, 4.32 days */ |
| 59 | 398668, /* 110.74 hours, 4.61 days */ |
| 60 | 426234, /* 118.40 hours, 4.93 days */ |
| 61 | 455705, /* 126.58 hours, 5.27 days */ |
| 62 | 487215, /* 135.34 hours, 5.64 days */ |
| 63 | 520904, /* 144.70 hours, 6.03 days */ |
| 64 | 556921, /* 154.70 hours, 6.45 days */ |
| 65 | 595430, /* 165.40 hours, 6.89 days */ |
| 66 | 636601, /* 176.83 hours, 7.37 days */ |
| 67 | 680618, /* 189.06 hours, 7.88 days */ |
| 68 | 727680, /* 202.13 hours, 8.42 days */ |
| 69 | 777995, /* 216.11 hours, 9.00 days */ |
| 70 | 831789, /* 231.05 hours, 9.63 days */ |
| 71 | 889303, /* 247.03 hours, 10.29 days */ |
| 72 | 950794, /* 264.11 hours, 11.00 days */ |
| 73 | 1016537, /* 282.37 hours, 11.77 days */ |
| 74 | 1086825, /* 301.90 hours, 12.58 days */ |
| 75 | 1161973, /* 322.77 hours, 13.45 days */ |
| 76 | 1242318, /* 345.09 hours, 14.38 days */ |
| 77 | 1328218, /* 368.95 hours, 15.37 days */ |
| 78 | 1420057, /* 394.46 hours, 16.44 days */ |
| 79 | 1518247, /* 421.74 hours, 17.57 days */ |
| 80 | 1623226, /* 450.90 hours, 18.79 days */ |
| 81 | 1735464, /* 482.07 hours, 20.09 days */ |
| 82 | 1855462, /* 515.41 hours, 21.48 days */ |
| 83 | 1983758, /* 551.04 hours, 22.96 days */ |
| 84 | 2120925, /* 589.15 hours, 24.55 days */ |
| 85 | 2267576, /* 629.88 hours, 26.25 days */ |
| 86 | 2424367, /* 673.44 hours, 28.06 days */ |
| 87 | 2592000}; /* 720.00 hours, 30.00 days */ |
| 88 | |
| 89 | /* |
| 90 | * krb_life_to_time - takes a start time and a Kerberos standard |
| 91 | * lifetime char and returns the corresponding end time. There are |
| 92 | * four simple cases to be handled. The first is a life of 0xff, |
| 93 | * meaning no expiration, and results in an end time of 0xffffffff. |
| 94 | * The second is when life is less than the values covered by the |
| 95 | * table. In this case, the end time is the start time plus the |
| 96 | * number of 5 minute intervals specified by life. The third case |
| 97 | * returns start plus the MAXTKTLIFETIME if life is greater than |
| 98 | * TKTLIFEMAXFIXED. The last case, uses the life value (minus |
| 99 | * TKTLIFEMINFIXED) as an index into the table to extract the lifetime |
| 100 | * in seconds, which is added to start to produce the end time. |
| 101 | */ |
| 102 | unsigned long krb_life_to_time(start, life) |
| 103 | unsigned long start; |
| 104 | int life; |
| 105 | { |
| 106 | life = (unsigned char) life; |
| 107 | if (life == TKTLIFENOEXPIRE) return NEVERDATE; |
| 108 | if (life < TKTLIFEMINFIXED) return start + life*5*60; |
| 109 | if (life > TKTLIFEMAXFIXED) return start + MAXTKTLIFETIME; |
| 110 | return start + tkt_lifetimes[life - TKTLIFEMINFIXED]; |
| 111 | } |
| 112 | |
| 113 | /* |
| 114 | * krb_time_to_life - takes start and end times for the ticket and |
| 115 | * returns a Kerberos standard lifetime char, possibily using the |
| 116 | * tkt_lifetimes table for lifetimes above 127*5 minutes. First, the |
| 117 | * special case of (end == NEVERDATE) is handled to mean no |
| 118 | * expiration. Then negative lifetimes and those greater than the |
| 119 | * maximum ticket lifetime are rejected. Then lifetimes less than the |
| 120 | * first table entry are handled by rounding the requested lifetime |
| 121 | * *up* to the next 5 minute interval. The final step is to search |
| 122 | * the table for the smallest entry *greater than or equal* to the |
| 123 | * requested entry. |
| 124 | */ |
| 125 | int krb_time_to_life(start, end) |
| 126 | unsigned long start; |
| 127 | unsigned long end; |
| 128 | { |
| 129 | long lifetime; |
| 130 | int i; |
| 131 | |
| 132 | if (end == NEVERDATE) return TKTLIFENOEXPIRE; |
| 133 | lifetime = end - start; |
| 134 | if (lifetime > MAXTKTLIFETIME || lifetime <= 0) return 0; |
| 135 | if (lifetime < tkt_lifetimes[0]) return (lifetime + 5*60 - 1)/(5*60); |
| 136 | for (i=0; i<TKTLIFENUMFIXED; i++) { |
| 137 | if (lifetime <= tkt_lifetimes[i]) { |
| 138 | return i+TKTLIFEMINFIXED; |
| 139 | } |
| 140 | } |
| 141 | return 0; |
| 142 | } |