git.ipfire.org Git - thirdparty/krb5.git/commit
Don't check kpasswd reply address
author Nalin Dahyabhai <nalin@dahyabhai.net>
Wed, 9 Oct 2013 19:03:16 +0000 (15:03 -0400)
committer Greg Hudson <ghudson@mit.edu>
Thu, 20 Mar 2014 21:46:47 +0000 (17:46 -0400)
commit b562400826409deceb0d52ffbe6570670ee9db55
tree 85011e422ef79811f811c59cf50b05970418ab1e
parent 53d6d0d64e96b84b57b7446a787e683312e2a529

Don't check the address of the kpasswd server when parsing the reply
we received from it.  If the server's address was modified by a proxy
or other network element, the user will be incorrectly warned that the
password change failed when it succeeded.  The check is unnecessary as
the kpasswd protocol is not subject to a reflection attack.

[ghudson@mit.edu: edit commit message]

ticket: 7886 (new)
src/lib/krb5/os/changepw.c