Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/krb4/ChangeLog10
-rw-r--r--src/lib/krb4/Makefile.in2
-rw-r--r--src/lib/krb4/lifetime.c126
3 files changed, 138 insertions, 0 deletions
diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog
index 9b091bf..f87198f 100644
--- a/src/lib/krb4/ChangeLog
+++ b/src/lib/krb4/ChangeLog
@@ -1,3 +1,13 @@
+2000-08-31 Tom Yu <tlyu@mit.edu>
+
+ * Makefile.in(OBJS, SRCS): Add lifetime.{o,c}.
+
+ * lifetime.c: New file. For the purposes of CMU and AFS
+ compatibility, this implements the exponential krb4 ticket
+ lifetimes for lifetime values above 127, in the krb_life_to_time()
+ and krb_time_to_life() functions. Values 127 and below are still
+ treated normally.
+
Tue Aug 22 09:56:14 2000 Ezra Peisach <epeisach@mit.edu>
* rd_svc_key.c (krb54_get_service_keyblock): If the keytab
diff --git a/src/lib/krb4/Makefile.in b/src/lib/krb4/Makefile.in
index 67dfa60..33206ad 100644
--- a/src/lib/krb4/Makefile.in
+++ b/src/lib/krb4/Makefile.in
@@ -45,6 +45,7 @@ OBJS = \
$(OUTPRE)gethostname.$(OBJEXT) \
$(OUTPRE)getst.$(OBJEXT) \
$(OUTPRE)kname_parse.$(OBJEXT) \
+ $(OUTPRE)lifetime.$(OBJEXT) \
$(OUTPRE)mk_auth.$(OBJEXT) \
$(OUTPRE)mk_err.$(OBJEXT) \
$(OUTPRE)mk_priv.$(OBJEXT) \
@@ -79,6 +80,7 @@ SRCS = \
$(srcdir)/gethostname.c \
$(srcdir)/kname_parse.c \
$(srcdir)/err_txt.c \
+ $(srcdir)/lifetime.c \
$(srcdir)/g_in_tkt.c \
$(srcdir)/mk_auth.c \
$(srcdir)/mk_err.c \
diff --git a/src/lib/krb4/lifetime.c b/src/lib/krb4/lifetime.c
new file mode 100644
index 0000000..a8e05fd
--- /dev/null
+++ b/src/lib/krb4/lifetime.c
@@ -0,0 +1,126 @@
+/*
+ * Copyright 2000 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ */
+
+#include "krb.h"
+
+/*
+ * Only lifetime bytes values less than 128 are on a linear scale.
+ * The following table contains an exponential scale that covers the
+ * lifetime values 128 to 191 inclusive (a total of 64 values).
+ * Values greater than 191 get interpreted the same as 191, but they
+ * will never be generated by the functions in this file. The special
+ * case of a lifetime byte of 255 gets interpreted as never expiring,
+ * which corresponds to an expiration date of KRB_NEVERDATE, which
+ * should be (-1).
+ *
+ * The ratio is approximately 1.069144898 (actually exactly
+ * exp(log(67.5)/63), where 67.5 = 2592000/38400, and 259200 = 30
+ * days, and 38400 = 128*5 minutes. This allows a lifetime byte of
+ * 191 to correspond to a ticket life of exactly 30 days and a
+ * lifetime byte of 191 to correspond to exactly 128*5 minutes, with
+ * the other values spread on an exponential curve fit in between
+ * them. This table should correspond exactly to the set of extended
+ * ticket lifetime values used by AFS and CMU.
+ *
+ * The following awk script is sufficient to reproduce the table:
+ * BEGIN {
+ * r = exp(log(2592000/38400)/63);
+ * x = 38400;
+ * for (i=0;i<64;i++) {
+ * printf("%d\n",x+0.5);
+ * x *= r;
+ * }
+ * }
+ */
+#define NLIFETIMES 64
+static const KRB4_32 lifetimes[NLIFETIMES] = {
+ 38400, 41055, 43894, 46929,
+ 50174, 53643, 57352, 61318,
+ 65558, 70091, 74937, 80119,
+ 85658, 91581, 97914, 104684,
+ 111922, 119661, 127935, 136781,
+ 146239, 156350, 167161, 178720,
+ 191077, 204289, 218415, 233517,
+ 249664, 266926, 285383, 305116,
+ 326213, 348769, 372885, 398668,
+ 426234, 455705, 487215, 520904,
+ 556921, 595430, 636601, 680618,
+ 727680, 777995, 831789, 889303,
+ 950794, 1016537, 1086825, 1161973,
+ 1242318, 1328218, 1420057, 1518247,
+ 1623226, 1735464, 1855462, 1983758,
+ 2120925, 2267576, 2424367, 2592000
+};
+#define MINFIXED 0x80
+#define MAXFIXED (MINFIXED + NLIFETIMES - 1)
+#define NOEXPIRE 0xFF
+
+/*
+ * krb_life_to_time
+ *
+ * Given a start date and a lifetime byte, compute the expiration
+ * date.
+ */
+KRB4_32
+krb_life_to_time(KRB4_32 start, int life)
+{
+ if (life == NOEXPIRE)
+ return KRB_NEVERDATE;
+ if (life < 0) /* possibly sign botch in caller */
+ return start;
+ if (life < MINFIXED)
+ return start + life * 5 * 60;
+ if (life > MAXFIXED)
+ return start + lifetimes[NLIFETIMES - 1];
+ return start + lifetimes[life - MINFIXED];
+}
+
+/*
+ * krb_time_to_life
+ *
+ * Given the start date and the end date, compute the lifetime byte.
+ * Round up, since we can adjust the start date backwards if we are
+ * issuing the ticket to cause it to expire at the correct time.
+ */
+int
+krb_time_to_life(KRB4_32 start, KRB4_32 end)
+{
+ KRB4_32 dt;
+ int i;
+
+ if (end == KRB_NEVERDATE)
+ return NOEXPIRE;
+ dt = start - end;
+ if (dt <= 0)
+ return 0;
+ if (dt < lifetimes[0])
+ return (dt + 5 * 60 - 1) / (5 * 60);
+ /* This depends on the array being ordered. */
+ for (i = 0; i < NLIFETIMES; i++) {
+ if (lifetimes[i] >= dt)
+ return i + MINFIXED;
+ }
+ return MAXFIXED;
+}
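Review bot: In krb_time_to_life the interval is computed as `dt = start - end;`, which is negative for any ticket whose end date lies after its start, so the `dt <= 0` guard returns a lifetime byte of 0 for every ordinary request, while an end date earlier than the start produces a positive lifetime. The line should read `dt = end - start;`. The header comment above the table also has two slips worth fixing: `259200 = 30 days` should be 2592000, and the second `lifetime byte of 191` (the one paired with 128*5 minutes) should be 128. If KRB4_32 is a signed 32-bit type, as the `(-1)` remark about KRB_NEVERDATE suggests, the subtraction here and the `start + lifetimes[...]` additions in krb_life_to_time can overflow for extreme inputs, so a range check on the operands before the arithmetic would be worth adding.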