oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(krb5_verify_ap_re2): check timestamp in authenticator

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16309 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-11-29 15:55:34 +00:00
parent ca1a379a41
commit 755229f6d3
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/krb5/rd_req.c
View File

@@ -421,6 +421,19 @@ krb5_verify_ap_req2(krb5_context context,
goto out; goto out;
} }
/* check timestamp in authenticator */
{
krb5_timestamp now;
krb5_timeofday (context, &now);
if (abs(ac->authenticator->ctime - now) > context->max_skew) {
ret = KRB5KRB_AP_ERR_SKEW;
krb5_clear_error_string (context);
goto out;
}
}
if (ac->authenticator->seq_number) if (ac->authenticator->seq_number)
krb5_auth_con_setremoteseqnumber(context, ac, krb5_auth_con_setremoteseqnumber(context, ac,
*ac->authenticator->seq_number); *ac->authenticator->seq_number);