[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

rd_priv timestamp checking and kpasswdd

To: heimdal-discuss@sics.se
Subject: rd_priv timestamp checking and kpasswdd
From: Derrick J Brashear <shadow@dementia.org>
Date: Tue, 8 Aug 2000 12:41:42 -0400 (EDT)
Sender: owner-heimdal-discuss@sics.se

in rd_priv there's code:
  /* check timestamp */ 
  if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { 
      krb5_timestamp sec; 
 
      krb5_timeofday (context, &sec); 
 
      if (part.timestamp != NULL && 
          part.usec      != NULL &&  
          abs(*part.timestamp - sec) > context->max_skew) { 
          ret = KRB5KRB_AP_ERR_SKEW; 
          goto failure_part; 
      } 
  } 

Interestingly this is making kpasswdd lose from MIT clients because
neither timestamp nor usec is set. Same deal with the built-in Win2000
password changing. I'm going to deal temporarily.

Any comments?

-D

Follow-Ups:
- Re: rd_priv timestamp checking and kpasswdd
  - From: joda@pdc.kth.se (Johan Danielsson)

Prev by Date: more issues
Next by Date: Re: more issues
Prev by thread: Re: more issues
Next by thread: Re: rd_priv timestamp checking and kpasswdd
Index(es):
- Date
- Thread