Make krb5int_check_clockskew() public?
Greg Hudson
ghudson at MIT.EDU
Mon Oct 31 12:46:17 EDT 2011
On 10/28/2011 06:00 PM, Linus Nordberg wrote:
> I'd like krb5int_check_clockskew() to be made public in order to not
> have to peek into the krb5_context for clockskew.
Done on trunk and marked for pullup to 1.10.
> If y'all think usec is important enough, I'd like to see a variant of
> krb5int_check_clockskew() taking usec into account as well.
This seems unnecessary, since clock skew is typically on the order of
300 seconds and no existing checks (rd_req, rd_safe, rd_priv, rd_cred,
encrypted timestamp, encrypted challenge) are taking microseconds into
account.
More information about the krbdev
mailing list