* dispatch.c (dispatch): Make message in lookaside case less suggestive of
authorKen Raeburn <raeburn@mit.edu>
Fri, 29 Oct 1999 19:25:10 +0000 (19:25 +0000)
committerKen Raeburn <raeburn@mit.edu>
Fri, 29 Oct 1999 19:25:10 +0000 (19:25 +0000)
replay attacks, since it can result from normal packet loss causing
retransmissions.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11889 dc483132-0cff-0310-8789-dd5450dbe970

src/kdc/ChangeLog
src/kdc/dispatch.c

index d9892e55fa674964bf5c067437a82d062da10563..053fdf3b915c625a1310bdb71720a81a2c628c7c 100644 (file)
@@ -1,3 +1,9 @@
+1999-10-29  Ken Raeburn  <raeburn@mit.edu>
+
+       * dispatch.c (dispatch): Make message in lookaside case less
+       suggestive of replay attacks, since it can result from normal
+       packet loss causing retransmissions.
+
 1999-10-26  Tom Yu  <tlyu@mit.edu>
 
        * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
index 43b612ad5a9eb016b90ec248ea72609c3a28f77c..0c30c6a339799509860c02a3113ee5452d2efa58 100644 (file)
@@ -49,7 +49,7 @@ dispatch(pkt, from, portnum, response)
     /* try the replay lookaside buffer */
     if (kdc_check_lookaside(pkt, from, response)) {
        /* a hit! */
-       krb5_klog_syslog(LOG_INFO, "DISPATCH: replay found and re-transmitted");
+       krb5_klog_syslog(LOG_INFO, "DISPATCH: repeated (retransmitted?) request, resending response");
        return 0;
     }
 #endif