[krbdev.mit.edu #7905] git commit
Greg Hudson via RT
rt-comment at KRBDEV-PROD-APP-1.mit.edu
Tue Oct 9 19:55:42 EDT 2018
Prefer TCP to UDP for password changes
When password changes are performed over UDP, spotty networks may
cause the client to retransmit. This leads to replay errors if the
kpasswd server receives both requests, which hide the actual request
status and make it appear that the password has not been changed, when
it may in fact have been. Use TCP instead with UDP fallback to avoid
this issue.
https://github.com/krb5/krb5/commit/d7b3018d338fc9c989c3fa17505870f23c3759a8
Author: Robbie Harwood <rharwood at redhat.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: d7b3018d338fc9c989c3fa17505870f23c3759a8
Branch: master
src/lib/krb5/os/changepw.c | 104 ++++++++++++++++---------------------------
1 files changed, 39 insertions(+), 65 deletions(-)
More information about the krb5-bugs
mailing list