libcli/auth: remove bogus comment regarding replay attacks

creds->sequence (timestamp) is the value that is used to increment the internal state, it's not a real sequence number. The sequence comes from adding all timestamps of the whole session. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Stefan Metzmacher <metze@samba.org> 2013-12-17 19:40:15 +0100
committer: Stefan Metzmacher <metze@samba.org> 2013-12-24 09:10:06 +0100
commit: 636daac3b7b08ccb8845dab060157918d296ef67 (patch)
tree: 07631da471d8c829eb45c0367a0261d24bd2f793 /libcli/auth
parent: 202bcf9096e53d94b294936d6144ae77f1536b72 (diff)
download: samba-636daac3b7b08ccb8845dab060157918d296ef67.tar.gz
samba-636daac3b7b08ccb8845dab060157918d296ef67.tar.xz
samba-636daac3b7b08ccb8845dab060157918d296ef67.zip
1 files changed, 0 insertions, 2 deletions
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
index 197db86818c..afb4a04b55c 100644
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -473,8 +473,6 @@ NTSTATUS netlogon_creds_server_step_check(struct netlogon_creds_CredentialState
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
-	/* TODO: this may allow the a replay attack on a non-signed
-	   connection. Should we check that this is increasing? */
 	creds->sequence = received_authenticator->timestamp;
 	netlogon_creds_step(creds);
 	if (netlogon_creds_server_check_internal(creds, &received_authenticator->cred)) {
author	Stefan Metzmacher <metze@samba.org>	2013-12-17 19:40:15 +0100
committer	Stefan Metzmacher <metze@samba.org>	2013-12-24 09:10:06 +0100
commit	636daac3b7b08ccb8845dab060157918d296ef67 (patch)
tree	07631da471d8c829eb45c0367a0261d24bd2f793 /libcli/auth
parent	202bcf9096e53d94b294936d6144ae77f1536b72 (diff)
download	samba-636daac3b7b08ccb8845dab060157918d296ef67.tar.gz samba-636daac3b7b08ccb8845dab060157918d296ef67.tar.xz samba-636daac3b7b08ccb8845dab060157918d296ef67.zip