[3013] in Kerberos-V5-bugs
krb5-kdc/671: obvious fix for SAM replay detection
daemon@ATHENA.MIT.EDU (fcusack@iconnet.net)
Wed Dec 2 16:56:10 1998
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, fcusack@iconnet.net
Date: Wed, 2 Dec 1998 16:56:27 -0500 (EST)
From: fcusack@iconnet.net
Reply-To: fcusack@iconnet.net
To: krb5-bugs@MIT.EDU
Cc: fcusack@iconnet.net
>Number: 671
>Category: krb5-kdc
>Synopsis: I made an error in my last patch; krb5_donot_replay
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Wed Dec 02 16:56:01 EST 1998
>Last-Modified:
>Originator: Frank Cusack
>Organization:
Icon CMT Corp.
>Release: krb5-current-19981119
>Environment:
N/A
System: SunOS ratbert 5.6 Generic_105181-09 sun4u sparc SUNW,Ultra-5_10
Architecture: sun4
>Description:
in krb5_donot_replay field name is ctime; not stime.
>How-To-Repeat:
>Fix:
Index: kdc/preauth/pa_sam_digi_path.c
===================================================================
RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/kdc/preauth/pa_sam_digi_path.c,v
retrieving revision 1.7
diff -u -r1.7 pa_sam_digi_path.c
--- pa_sam_digi_path.c 1998/12/02 03:10:57 1.7
+++ pa_sam_digi_path.c 1998/12/02 21:52:19
@@ -346,7 +346,7 @@
/* Now check the replay cache. */
rep.client = "sam/rc"; /* Any fixed value will do, although this */
rep.server = "sam/rc"; /* should not match any principal name. */
- rep.stime = psr->stime;
+ rep.ctime = psr->stime;
rep.cusec = psr->susec;
if (retval = krb5_rc_store(kdc_context, kdc_rcache, &rep)) {
com_err("krb5kdc", retval, "snk4 track-data replayed!");
>Audit-Trail:
>Unformatted:
