From bdae56ed80a3af96b4dfe1be05df9c4c8a2bf619 Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartmans@mit.edu>
Date: Tue, 21 Jan 2003 19:02:58 +0000
Subject: Timestamp preauth should return clock skew errors

When the user supplies the correct password, but has a timestamp that
is out of bounds, the server should reply with a clock skew error
rather than a preauth required error.

ticket: new
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15130 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/kdc/ChangeLog | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/kdc/ChangeLog')

diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index 498a1efa1..22be4d31b 100644
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,7 @@
+2003-01-21  Sam Hartman  <hartmans@mit.edu>
+
+	* kdc_preauth.c (check_padata): Permit returning KRB5KRB_AP_ERR_SKEW
+
 2003-01-12  Ezra Peisach  <epeisach@bu.edu>
 
 	* kdc_util.h, replay.c, main.c: Pass global krb5_context to
-- 
cgit