projects / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2b7be6f) | patch
Allow password changes over NATs
authorGreg Hudson <ghudson@mit.edu>
Sat, 15 Oct 2011 16:56:30 +0000 (16:56 +0000)
committerGreg Hudson <ghudson@mit.edu>
Sat, 15 Oct 2011 16:56:30 +0000 (16:56 +0000)
commitb91da5a4c7efc189dcfe57c4de2a8e8673102295
tree67aa7d0770fa502537f63fe09d9b0f011eb8cf77tree | snapshot
parent2b7be6fbfdc920bff5ab89213931e69bed5bfed6commit | diff
Allow password changes over NATs

In the kpasswd server code, don't set a remote address in the auth
context before calling krb5_rd_priv, since the kpasswd protocol is
well-protected against reflection attacks.  This allows password
changes to work in cases where a NAT has changed the client IP address
as it is seen by the server.

ticket: 6979

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25356 dc483132-0cff-0310-8789-dd5450dbe970
src/kadmin/server/schpw.c diff | blob | history
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.