(do_authenticate): check for time skew

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9110 ec53bebd-3082-4978-b11e-865c3cabbd6b
2000-10-08 18:35:19 +00:00
parent 9b4ba3ef16
commit 8c87a006a4
1 changed files with 5 additions and 0 deletions
--- a/kdc/kaserver.c
+++ b/kdc/kaserver.c
@@ -469,6 +469,11 @@ do_authenticate (struct rx_header *hdr,
    krb5_ret_int32 (reply_sp, &chal);
    krb5_storage_free (reply_sp);
    if (abs(chal - kdc_time) > context->max_skew) {
 	make_error_reply (hdr, KACLOCKSKEW, reply);
 	goto out;
    }
    /* life */
    max_life = end_time - kdc_time;
    if (client_entry->max_life)