Timestamp preauth should return clock skew errors

When the user supplies the correct password, but has a timestamp that is out of bounds, the server should reply with a clock skew error rather than a preauth required error. ticket: new Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15130 dc483132-0cff-0310-8789-dd5450dbe970
author: Sam Hartman <hartmans@mit.edu> 2003-01-21 19:02:58 +0000
committer: Sam Hartman <hartmans@mit.edu> 2003-01-21 19:02:58 +0000
commit: bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619 (patch)
tree: e8d6d8a49b170732b1131ff1a25cb2ebe115cd4d /src/kdc/ChangeLog
parent: 245fc0554350ee6d155b5dd344741e6fa790f898 (diff)
download: krb5-bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619.tar.gz
krb5-bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619.tar.xz
krb5-bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index 498a1efa1..22be4d31b 100644
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,7 @@
+2003-01-21  Sam Hartman  <hartmans@mit.edu>
+
+	* kdc_preauth.c (check_padata): Permit returning KRB5KRB_AP_ERR_SKEW
+
 2003-01-12  Ezra Peisach  <epeisach@bu.edu>
 
 	* kdc_util.h, replay.c, main.c: Pass global krb5_context to
author	Sam Hartman <hartmans@mit.edu>	2003-01-21 19:02:58 +0000
committer	Sam Hartman <hartmans@mit.edu>	2003-01-21 19:02:58 +0000
commit	bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619 (patch)
tree	e8d6d8a49b170732b1131ff1a25cb2ebe115cd4d /src/kdc/ChangeLog
parent	245fc0554350ee6d155b5dd344741e6fa790f898 (diff)
download	krb5-bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619.tar.gz krb5-bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619.tar.xz krb5-bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619.zip