Skip Menu |

From: "Darren Reed \(Optimation\)" <>
To: <>
Subject: Patches for unixtime preauthentication
Date: Fri, 29 Nov 2002 15:40:33 +1100
I've attached the patches I made as the file unixtimepreauth.patch.
The only comment I'd make against using it as is would be I
did not want to venture into the territory of assigning new
error codes to indicate different failure reasons and so went
in search of others that seemed reasonable analogues to what
checks were being made.

I don't know how concerned you are about this, with, for example,
malloc() failing in the existing verify_enc_timestamp() returning
success rather than failure. ie. starve the KDC of memory and
preauth will always succeed. Only thing is, I'm sure lots of other
things would have failed before you got that far (I hope!) because
it sounds bad when put like that.

Download unixtimepreauth.patch
application/octet-stream 3.6KiB

Message body not shown because it is not plain text.

Missing context for this change is in , a message
from Darren to krbdev@mit on 20 Nov 2002, describing unixtime preauth as
being used in Cybersafe's Kerberos implementation.