summaryrefslogtreecommitdiffstats
path: root/src/kdc/kdc_preauth.c
diff options
context:
space:
mode:
authorTom Yu <tlyu@mit.edu>2000-03-01 05:15:31 +0000
committerTom Yu <tlyu@mit.edu>2000-03-01 05:15:31 +0000
commit84bb15d7f03199761c4a7864e32e7a5b6b4b0b03 (patch)
treed3c8ba8c5c6d5a9718b94a85b5804102ae62a5eb /src/kdc/kdc_preauth.c
parent8f8c45e408e3c6935ec805ecd5433361cd397ca4 (diff)
downloadkrb5-84bb15d7f03199761c4a7864e32e7a5b6b4b0b03.tar.gz
krb5-84bb15d7f03199761c4a7864e32e7a5b6b4b0b03.tar.xz
krb5-84bb15d7f03199761c4a7864e32e7a5b6b4b0b03.zip
* kdc_preauth.c (verify_sam_response): Declare and set rc_lifetime
for real. * dispatch.c: Include some more net-related headers. (dispatch): Fix ifndef HAVE_INET_NTOP branch. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12091 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc/kdc_preauth.c')
-rw-r--r--src/kdc/kdc_preauth.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index db358d283b..cc957016ba 100644
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -1267,11 +1267,17 @@ verify_sam_response(context, client, request, enc_tkt_reply, pa)
#ifdef USE_RCACHE
{
krb5_donot_replay rep;
+ krb5_deltat rc_lifetime;
/*
* Verify this response came back in a timely manner.
* We do this b/c otherwise very old (expunged from the rcache)
* psr's would be able to be replayed.
*/
+ retval = krb5_rc_get_lifespan(kdc_context, kdc_rcache, &rc_lifetime);
+ if (retval) {
+ com_err("krb5kdc", retval, "while getting rcache lifespan");
+ goto cleanup;
+ }
if (timenow - psr->stime > rc_lifetime) {
com_err("krb5kdc", retval = KRB5KDC_ERR_PREAUTH_FAILED,
"SAM psr came back too late! -- replay attack?");
generated by cgit (git 2.34.1) at 2024-07-02 12:16:04 +0000