[429] in Kerberos-V5-bugs
krb5_rd_safe only checks sender address when NOTIME isn't set
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Fri Mar 4 13:34:42 1994
Date: Fri, 4 Mar 1994 13:34:10 -0500
From: "Jonathan I. Kamens" <jik@security.ov.com>
To: krb5-bugs@MIT.EDU
When safe_flags & KRB5_SAFE_NOTIME is false in a call to
krb5_rd_safe, it checks three things:
1. That the message is within the allowable clock skew.
2. That the sender address in the message matches the sender address
passed in.
3. That the message does not appear in the replay cache.
It seems to me that although clock skew and replays are reasonable
things to only check if NOTIME is false, there's no reason for the
sender address to be checked only in that situation, i.e., I believe
that the sender address should always be checked.
If I'm wrong about this, please let me know why :-).
jik
