libcli/auth: try to use the current timestamp creds->sequence

If the last usage of netlogon_creds_client_authenticator()
is in the past try to use the current timestamp and increment
more than just 2.

If we use netlogon_creds_client_authenticator() a lot within a
second, we increment keep incrementing by 2.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Dec 24 13:18:18 CET 2013 on sn-devel-104

1 files changed, 22 insertions, 0 deletions

diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
index afb4a04b55c..f52538a7242 100644
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -344,7 +344,29 @@ struct netlogon_creds_CredentialState *netlogon_creds_client_init_session_key(TA
 void netlogon_creds_client_authenticator(struct netlogon_creds_CredentialState *creds,
 				struct netr_Authenticator *next)
 {
+	uint32_t t32n = (uint32_t)time(NULL);
+
+	/*
+	 * we always increment and ignore an overflow here
+	 */
 	creds->sequence += 2;
+
+	if (t32n > creds->sequence) {
+		/*
+		 * we may increment more
+		 */
+		creds->sequence = t32n;
+	} else {
+		uint32_t d = creds->sequence - t32n;
+
+		if (d >= INT32_MAX) {
+			/*
+			 * got an overflow of time_t vs. uint32_t
+			 */
+			creds->sequence = t32n;
+		}
+	}
+
 	netlogon_creds_step(creds);
 
 	next->cred = creds->client;