Skip Menu |
 

History Show all quoted textShow full headers
# Mon Aug 08 14:27:16 2011 ghudson@mit.edu (Greg Hudson) - Ticket created
From: ghudson@mit.edu
Subject: SVN Commit
Download (untitled) / with headers
text/plain 558B

r24464 (ticket #6804) intended to remove the KDC replay cache by
eliminating all of the USE_RCACHE code, but it had the unintended side
effect of causing krb5_rd_req_decoded to use the default server
rcache. Using this cache is much less efficient because it is opened
and re-read for each request.

Set appropriate flags on the auth context to disable replay cache use
for TGS requests altogether.

https://github.com/krb5/krb5/commit/d7618afafe8c712d09da2bc2f9841ffd7fc1d0c7
Commit By: ghudson
Revision: 25076
Changed Files:
U trunk/src/kdc/kdc_util.c
# Mon Aug 08 14:27:16 2011 ghudson@mit.edu (Greg Hudson) - Requestor ghudson@mit.edu (Greg Hudson) added
# Mon Aug 08 14:27:17 2011 ghudson@mit.edu (Greg Hudson) - Status changed from 'new' to 'review'
# Mon Aug 08 14:27:17 2011 ghudson@mit.edu (Greg Hudson) - Tags pullup added
# Mon Aug 08 14:27:17 2011 ghudson@mit.edu (Greg Hudson) - Target_Version 1.9.2 added
# Tue Oct 18 16:18:45 2011 tlyu (Taylor Yu) - Status changed from 'review' to 'resolved'
# Tue Oct 18 16:18:45 2011 tlyu (Taylor Yu) - Version_Fixed 1.9.2 added
# Tue Oct 18 16:18:45 2011 tlyu (Taylor Yu) - Correspondence added
From: tlyu@mit.edu
Subject: SVN Commit
Download (untitled) / with headers
text/plain 927B

pull up r25076 from trunk

------------------------------------------------------------------------
r25076 | ghudson | 2011-08-08 14:27:15 -0400 (Mon, 08 Aug 2011) | 14 lines

ticket: 6941
subject: Fix accidental KDC use of replay cache
target_version: 1.9.2
tags: pullup

r24464 (ticket #6804) intended to remove the KDC replay cache by
eliminating all of the USE_RCACHE code, but it had the unintended side
effect of causing krb5_rd_req_decoded to use the default server
rcache. Using this cache is much less efficient because it is opened
and re-read for each request.

Set appropriate flags on the auth context to disable replay cache use
for TGS requests altogether.

------------------------------------------------------------------------

https://github.com/krb5/krb5/commit/87127004d4de670852027006079d10fbf6a56e78
Commit By: tlyu
Revision: 25374
Changed Files:
U branches/krb5-1-9/src/kdc/kdc_util.c
# Wed Dec 16 18:02:57 2015 tlyu (Taylor Yu) - CustomField pullup deleted