kinit --renewable malfunctioning.

[Alberto Patino <jalbertop@aranea.com.mx>]

I have heimdal 0.6 running in Linux and Solaris 9 machines. Since last
monday I started to have problems with the kinit command. When I run
kinit with the --renewable option Im getting a Password Incorrect
message.

The problem is an integer overflow in the init_cred() function:
...

  if ((options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE) &&
	options->renew_life > 0) {
==>	cred->times.renew_till = now + options->renew_life;
    }
....
options->renew_life was previously set to 2**30. in the
get_new_tickets() function:
...
if(renew_life) {
	renew = parse_time (renew_life, "s");
	if (renew < 0)
	    errx (1, "unparsable time: %s", renew_life);

	krb5_get_init_creds_opt_set_renew_life (&opt, renew);
} else if (renewable_flag == 1)
==>	krb5_get_init_creds_opt_set_renew_life (&opt, 1 << 30);
...

So when you add the now variable to the options->renew_life you get an
overflow.

I change the parameter in the krb5_get_init_creds_opt_set_renew_life to
the max renewable set to a principal (3 months). Now there is no buffer
overflow and kinit --renewable is working right.

I don't now the reason behind to initialize options->renew_life to
2**30. I think must be initialized with other value.

Thanks.