oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

fast cookie expiration

Browse Source
This commit is contained in:
Love Hörnquist Åstrand
2011-07-24 21:21:39 -07:00
parent 46f285bcc9
commit f0371bb2ee
2 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
kdc/fast.c
View File

@@ -114,6 +114,12 @@ fast_parse_cookie(kdc_request_t r, const PA_DATA *pa)
if (ret)
goto out;
if (r->fast.expiration < kdc_time) {
kdc_log(r->context, r->config, 0, "fast cookie expired");
ret = KRB5KDC_ERR_POLICY;
goto out;
}
out:
free_KDCFastCookie(&data);
@@ -131,6 +137,8 @@ fast_add_cookie(kdc_request_t r, METHOD_DATA *method_data)
memset(&shell, 0, sizeof(shell));
r->fast.expiration = kdc_time + FAST_EXPIRATION_TIME;
ASN1_MALLOC_ENCODE(KDCFastState, data.data, data.length,
&r->fast, &size, ret);
if (ret)

2
kdc/kdc_locl.h
View File

@@ -47,6 +47,8 @@ typedef struct kdc_request_desc *kdc_request_t;
#include <kdc-private.h>
#define FAST_EXPIRATION_TIME (3 * 60)
struct kdc_request_desc {
krb5_context context;
krb5_kdc_configuration *config;