diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-05-20 15:21:28 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-05-20 15:21:28 +0000 |
| commit | 723f909f3d532c5610aebecad83eb0601faba6d4 (patch) | |
| tree | ba4ec0030ebf2960d478b41faa8312f1bb149bde /src/kdc/replay.c | |
| parent | 60fbd61b58c360679ad43aaf0bf9f7261319d168 (diff) | |
| download | krb5-723f909f3d532c5610aebecad83eb0601faba6d4.tar.gz krb5-723f909f3d532c5610aebecad83eb0601faba6d4.tar.xz krb5-723f909f3d532c5610aebecad83eb0601faba6d4.zip | |
Revert r5233 and mark get_age as deprecated in the DAL documentation.
We do not need to check reply retransmissions for staleness any more
than TCP needs to. A genuinely new request will have a different
nonce.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24936 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc/replay.c')
| -rw-r--r-- | src/kdc/replay.c | 16 |
1 files changed, 4 insertions, 12 deletions
diff --git a/src/kdc/replay.c b/src/kdc/replay.c index fc2a8b53b..96c84807e 100644 --- a/src/kdc/replay.c +++ b/src/kdc/replay.c @@ -34,7 +34,6 @@ typedef struct _krb5_kdc_replay_ent { struct _krb5_kdc_replay_ent *next; int num_hits; krb5_int32 timein; - time_t db_age; krb5_data *req_packet; krb5_data *reply_packet; } krb5_kdc_replay_ent; @@ -47,13 +46,11 @@ static int max_hits_per_entry = 0; static int num_entries = 0; #define STALE_TIME 2*60 /* two minutes */ -#define STALE(ptr) ((abs((ptr)->timein - timenow) >= STALE_TIME) || \ - ((ptr)->db_age != db_age)) +#define STALE(ptr) (abs((ptr)->timein - timenow) >= STALE_TIME) #define MATCH(ptr) (((ptr)->req_packet->length == inpkt->length) && \ !memcmp((ptr)->req_packet->data, inpkt->data, \ - inpkt->length) && \ - ((ptr)->db_age == db_age)) + inpkt->length)) /* XXX Todo: quench the size of the queue... */ @@ -66,10 +63,8 @@ kdc_check_lookaside(krb5_data *inpkt, krb5_data **outpkt) { krb5_int32 timenow; register krb5_kdc_replay_ent *eptr, *last, *hold; - time_t db_age; - if (krb5_timeofday(kdc_context, &timenow) || - krb5_db_get_age(kdc_context, 0, &db_age)) + if (krb5_timeofday(kdc_context, &timenow)) return FALSE; calls++; @@ -118,10 +113,8 @@ kdc_insert_lookaside(krb5_data *inpkt, krb5_data *outpkt) { register krb5_kdc_replay_ent *eptr; krb5_int32 timenow; - time_t db_age; - if (krb5_timeofday(kdc_context, &timenow) || - krb5_db_get_age(kdc_context, 0, &db_age)) + if (krb5_timeofday(kdc_context, &timenow)) return; /* this is a new entry */ @@ -129,7 +122,6 @@ kdc_insert_lookaside(krb5_data *inpkt, krb5_data *outpkt) if (!eptr) return; eptr->timein = timenow; - eptr->db_age = db_age; /* * This is going to hurt a lot malloc()-wise due to the need to * allocate memory for the krb5_data and krb5_address elements. |