From 8a47809c18914eaf01b4bb02e3af36bd11e31b6e Mon Sep 17 00:00:00 2001
From: Assar Westerlund <assar@sics.se>
Date: Sun, 9 Mar 1997 20:59:26 +0000
Subject: [PATCH] do some checks on times

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1332 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/rd_req.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/krb5/rd_req.c b/lib/krb5/rd_req.c
index fcc26ebfb..fa8ce0bae 100644
--- a/lib/krb5/rd_req.c
+++ b/lib/krb5/rd_req.c
@@ -56,6 +56,7 @@ krb5_rd_req(krb5_context context,
   krb5_error_code ret;
   AP_REQ ap_req;
   int len;
+  struct timeval now;
 
   if (*auth_context == NULL) {
     ret = krb5_auth_con_init(context, auth_context);
@@ -143,6 +144,13 @@ krb5_rd_req(krb5_context context,
     }
 
     /* Check address and time */
+    gettimeofday (&now, NULL);
+    if ((decr_part.starttime ? *decr_part.starttime : decr_part.authtime)
+	- now.tv_sec > 600 ||
+	decr_part.flags.invalid)
+      return KRB5KRB_AP_ERR_TKT_NYV;
+    if (now.tv_sec - decr_part.endtime > 600)
+      return KRB5KRB_AP_ERR_TKT_EXPIRED;
 
     return 0;
   }