[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

kpasswd and retransmits

To: heimdal-discuss@sics.se
Subject: kpasswd and retransmits
From: Derrick J Brashear <shadow@dementia.org>
Date: Tue, 11 Jul 2000 14:59:47 -0400 (EDT)
In-Reply-To: <Pine.SOL.3.96L.1000711103547.15784C-100000@johnstown.andrew.cmu.edu>
Sender: owner-heimdal-discuss@sics.se

I noticed the bizarre behavior that the first, and only the first, kpasswd
client to talk to my kpasswdd was failing with "Mutual authentication
failed" but changing the password anyway.

It turns out what's happening is the daemon is delayed just long enough
that the client sends a second request, and caches the new ctime/cusec in
the auth context, then gets a reply with the old one. 

I'm not sure what the "right" answer to this is... not retransmit?
remember all the ctime/cusec pairs?

-D

Follow-Ups:
- Re: kpasswd and retransmits
  - From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
- Re: kpasswd and retransmits
  - From: Assar Westerlund <assar@sics.se>

References:
- kpasswd and KRB5_AUTH_CONTEXT_DO_SEQUENCE
  - From: Derrick J Brashear <shadow@dementia.org>

Prev by Date: kpasswd and KRB5_AUTH_CONTEXT_DO_SEQUENCE
Next by Date: Re: kpasswd and retransmits
Prev by thread: kpasswd and KRB5_AUTH_CONTEXT_DO_SEQUENCE
Next by thread: Re: kpasswd and retransmits
Index(es):
- Date
- Thread