code review request: 6882687 KerberosTime too imprecise
Valerie (Yu-Ching) Peng
valerie.peng at oracle.com
Wed May 19 00:04:29 UTC 2010
Hi, Max,
Your fixes look fine.
Thanks,
Valerie
On 05/17/10 03:06, Weijun Wang wrote:
> Hi Valerie
>
> A new bug 6950930 filed for the same problem.
>
> So ping again. Webrev small update at --
>
> http://cr.openjdk.java.net/~weijun/6882687/webrev.01
>
> Changes:
>
> 1. 2009 -> 2010
> 2. new fields now private final
>
> Thanks
> Max
>
>
> On Sep 17, 2009, at 1:46 AM, Max (Weijun) Wang wrote:
>
>
>> Hi Valerie
>>
>> Please take a review for the fix at
>>
>> http://cr.openjdk.java.net/~weijun/6882687/webrev.00
>>
>> Brad
>>
>> This would fix the IgnoreChannelBindings test failure on CYGWIN.
>>
>> Thanks
>> Max
>>
>> Begin forwarded message:
>>
>>
>>> From: Weijun.Wang at Sun.COM
>>> Date: September 17, 2009 1:12:13 AM GMT+08:00
>>>
>>> *Synopsis*: KerberosTime too imprecise
>>>
>>> === *Description* ============================================================
>>> Recently I notice a Kerberos test fails on CYGWIN saying an AP-REQ is a "replay detected". It turns out that the Windows time (returned by new Date()) is too coarse (15 millisecond precision) and the two AP-REQs in the test have the same KerberosTime value.
>>>
>>> Also, the KerberosTime class is the source of microseconds value used in Authenticator etc. Since Date only provides milliseconds, this means even if on a system with ideal Date, the microsecond value is always a multiple of 1000.
>>>
>>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20100518/a67ed878/attachment.htm>
More information about the security-dev
mailing list