krb5 commit [krb5-1.15]: Apply TCP timeouts to HTTPS (KKDCP) transport

Greg Hudson ghudson at mit.edu
Mon Jul 17 22:59:33 EDT 2017


https://github.com/krb5/krb5/commit/79669b0a6b50f04e98682584e06ddb5d97466ebc
commit 79669b0a6b50f04e98682584e06ddb5d97466ebc
Author: Greg Hudson <ghudson at mit.edu>
Date:   Thu Apr 20 15:33:10 2017 -0400

    Apply TCP timeouts to HTTPS (KKDCP) transport
    
    We apply (as of ticket #7604) a ten-second minimum delay after a TCP
    connection is accepted before creating new connections or sending UDP
    packets.  Apply this timeout to HTTPS connections as well, by removing
    the transport check in get_endtime().  As the endtime field is only
    set by service_tcp_connect(), it will always have the value 0 for UDP
    connection state objects, so there is no need to check the transport
    type.
    
    (cherry picked from commit aace82e17ed0185faa3e9cda5437a3c6a7a40b10)
    
    ticket: 8580
    version_fixed: 1.15.2

 src/lib/krb5/os/sendto_kdc.c |    3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index fffe026..249a9fd 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -1372,8 +1372,7 @@ get_endtime(time_ms endtime, struct conn_state *conns)
     struct conn_state *state;
 
     for (state = conns; state != NULL; state = state->next) {
-        if (state->addr.transport == TCP &&
-            (state->state == READING || state->state == WRITING) &&
+        if ((state->state == READING || state->state == WRITING) &&
             state->endtime > endtime)
             endtime = state->endtime;
     }


More information about the cvs-krb5 mailing list