diff options
| author | Greg Hudson <ghudson@mit.edu> | 2017-04-20 15:33:10 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2017-07-17 18:09:38 -0400 |
| commit | 79669b0a6b50f04e98682584e06ddb5d97466ebc (patch) | |
| tree | 21f8a956bb145c1b15cd71206111b75547c24429 | |
| parent | 86512c5713a6e2dc39c95b30c1299a484d30d58e (diff) | |
| download | krb5-79669b0a6b50f04e98682584e06ddb5d97466ebc.zip krb5-79669b0a6b50f04e98682584e06ddb5d97466ebc.tar.gz krb5-79669b0a6b50f04e98682584e06ddb5d97466ebc.tar.bz2 | |
Apply TCP timeouts to HTTPS (KKDCP) transport
We apply (as of ticket #7604) a ten-second minimum delay after a TCP
connection is accepted before creating new connections or sending UDP
packets. Apply this timeout to HTTPS connections as well, by removing
the transport check in get_endtime(). As the endtime field is only
set by service_tcp_connect(), it will always have the value 0 for UDP
connection state objects, so there is no need to check the transport
type.
(cherry picked from commit aace82e17ed0185faa3e9cda5437a3c6a7a40b10)
ticket: 8580
version_fixed: 1.15.2
| -rw-r--r-- | src/lib/krb5/os/sendto_kdc.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c index fffe026..249a9fd 100644 --- a/src/lib/krb5/os/sendto_kdc.c +++ b/src/lib/krb5/os/sendto_kdc.c @@ -1372,8 +1372,7 @@ get_endtime(time_ms endtime, struct conn_state *conns) struct conn_state *state; for (state = conns; state != NULL; state = state->next) { - if (state->addr.transport == TCP && - (state->state == READING || state->state == WRITING) && + if ((state->state == READING || state->state == WRITING) && state->endtime > endtime) endtime = state->endtime; } |