diff options
author | Simo Sorce <simo@redhat.com> | 2013-07-21 01:43:54 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2013-07-28 13:17:51 -0400 |
commit | bb3affefc2b8f4c9613a43f7a497ca2d2af34462 (patch) | |
tree | 0d045d6fc48f63cc958517d076900c6dff6cbc80 /src/gss_ntlmssp.h | |
parent | ba8c09800ef820e4b348c2e034fb9aa602463ff3 (diff) | |
download | gss-ntlmssp-bb3affefc2b8f4c9613a43f7a497ca2d2af34462.tar.gz gss-ntlmssp-bb3affefc2b8f4c9613a43f7a497ca2d2af34462.tar.xz gss-ntlmssp-bb3affefc2b8f4c9613a43f7a497ca2d2af34462.zip |
Add expiration time checks
Check Maxlife for challenge response messages.
Also add a Maximum lifetime for the context itself based on the
same challene/response maximum life.
According to MS-NLMP MaxLifetime is 36h on modern Windows OSs, use
the same for now.
Diffstat (limited to 'src/gss_ntlmssp.h')
-rw-r--r-- | src/gss_ntlmssp.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/gss_ntlmssp.h b/src/gss_ntlmssp.h index 334351a..5eb8bf6 100644 --- a/src/gss_ntlmssp.h +++ b/src/gss_ntlmssp.h @@ -21,6 +21,8 @@ #include "ntlm.h" #include "crypto.h" +#define MAX_CHALRESP_LIFETIME 36 * 60 * 60 /* 36 hours in seconds */ + #define SEC_LEVEL_MIN 0 #define SEC_LEVEL_MAX 5 @@ -125,6 +127,8 @@ struct gssntlm_ctx { struct ntlm_key exported_session_key; struct gssntlm_signseal send; struct gssntlm_signseal recv; + + time_t expiration_time; }; uint8_t gssntlm_required_security(int security_level, |