rxkad-increase-token-ticket-sizes-20040401

In order to support the large ticket sizes produced by Microsoft
Active Directory and allow the use of raw Kerberos 5 tickets as tokens
increase the size of MAXKTCTICKETLEN and MAXKRB5TICKETLEN to 4096
from 344 and 1024 respectively.

diff --git a/src/rxkad/rxkad.p.h b/src/rxkad/rxkad.p.h
index a98cd89..1b33fb9 100644 (file)
--- a/src/rxkad/rxkad.p.h
+++ b/src/rxkad/rxkad.p.h
@@ -16,7 +16,7 @@
                /* no ticket good for longer than 30 days */
 #define MAXKTCTICKETLIFETIME (30*24*3600)
 #define MINKTCTICKETLEN              32
-#define        MAXKTCTICKETLEN       344
+#define        MAXKTCTICKETLEN       4096  /* was 344 */
 #define        MAXKTCNAMELEN         64        /* name & inst should be 256 */
 #define MAXKTCREALMLEN       64        /* should be 256 */
 #define KTC_TIME_UNCERTAINTY (15*60)   /* max skew bet. machines' clocks */
@@ -38,7 +38,7 @@
 #define RXKAD_TKT_TYPE_KERBEROS_V5             256
 #define RXKAD_TKT_TYPE_KERBEROS_V5_ENCPART_ONLY        213
 
-#define MAXKRB5TICKETLEN                       1024
+#define MAXKRB5TICKETLEN                       4096
 
 /*
  * The AFS/DFS translator may also make use of additional ticket types in