creds->sequence (timestamp) is the value that is used to increment the internal
state, it's not a real sequence number. The sequence comes
from adding all timestamps of the whole session.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
return NT_STATUS_ACCESS_DENIED;
}
- /* TODO: this may allow the a replay attack on a non-signed
- connection. Should we check that this is increasing? */
creds->sequence = received_authenticator->timestamp;
netlogon_creds_step(creds);
if (netlogon_creds_server_check_internal(creds, &received_authenticator->cred)) {