From e8e9cd9710f45399e8ed8f935dbc9799af810ed5 Mon Sep 17 00:00:00 2001
From: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Thu, 16 Apr 2015 20:34:35 -0400
Subject: [PATCH] krb5: Introduce KRB5_TKT_LIFETIME_DEFAULT

Instead of hard coding 10 hours as the default ticket lifetime within
lib/krb5/init_cred_pw.c init_cred(), add a preprocessor macro,
KRB5_TKT_LIFETIME_DEFAULT, that can be overridden at build time.

The value of KRB5_TKT_LIFETIME_DEFAULT is 10 hours if not previously
defined.

Change-Id: I63e729fedee8e8c6f542e4a4665de5f40db34c03
---
 lib/krb5/init_creds_pw.c | 2 +-
 lib/krb5/krb5_locl.h     | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/krb5/init_creds_pw.c b/lib/krb5/init_creds_pw.c
index 4e378a333..e0301c176 100644
--- a/lib/krb5/init_creds_pw.c
+++ b/lib/krb5/init_creds_pw.c
@@ -246,7 +246,7 @@ init_cred (krb5_context context,
     if (options->flags & KRB5_GET_INIT_CREDS_OPT_TKT_LIFE)
 	tmp = options->tkt_life;
     else
-	tmp = 10 * 60 * 60;
+	tmp = KRB5_TKT_LIFETIME_DEFAULT;
     cred->times.endtime = now + tmp;
 
     if ((options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE) &&
diff --git a/lib/krb5/krb5_locl.h b/lib/krb5/krb5_locl.h
index 59fe38669..53549d291 100644
--- a/lib/krb5/krb5_locl.h
+++ b/lib/krb5/krb5_locl.h
@@ -356,6 +356,10 @@ typedef struct krb5_context_data {
 #define KRB5_FALLBACK_DEFAULT TRUE
 #endif
 
+#ifndef KRB5_TKT_LIFETIME_DEFAULT
+# define KRB5_TKT_LIFETIME_DEFAULT	(10 * 60 * 60)	/* 10 hours */
+#endif
+
 #ifdef PKINIT
 
 struct krb5_pk_identity {