diff options
author | David Benjamin <davidben@mit.edu> | 2013-08-20 13:42:34 -0400 |
---|---|---|
committer | Karl Ramm <kcr@1ts.org> | 2013-09-28 14:20:40 -0400 |
commit | b13d9822d947d09749d7a0231d49705e2c2a3c17 (patch) | |
tree | 2a03a90155ff42748ed7a2af3eb7b3361a675646 /zwgc | |
parent | f269734ef50e1a9aa22eb9f18125967ca772744b (diff) |
Use the saved session keys in ZCheckZcodeAuthentication
This allows for authentication checking to continue working even when tickets
expire or are renewed.
Also include key expiration logic. This is possibly overly conservative and
paranoid by a couple orders of magnitude.
Intentionally do not use SERVACK because they're mildly annoying to get at and
aren't authenticated. When we receive a notice authenticated with a key, we
know the server has received it. From there, we can infer that sufficiently old
keys are stale. We can't remove stale keys immediately because some older
notices may still be in flight, but after a grace period they can go.
The timeout is set to 60 seconds, which is fairly high, but matches
Z_ReadWait's timeout.
Diffstat (limited to 'zwgc')
0 files changed, 0 insertions, 0 deletions