X-Git-Url: https://git.openafs.org/?p=openafs.git;a=blobdiff_plain;f=src%2Fkauth%2Fkaprocs.c;h=315096a46197edfdcc31cda70b698eb8bcc4e434;hp=8a4914dd2952f471d18b253fd6ddaf658350e39d;hb=810f0ccd0354dac30af024ca7b5acf3ebabf5f4b;hpb=abca1fefc018e7f7ccc91ff31ada1d5e6d8076e0

diff --git a/src/kauth/kaprocs.c b/src/kauth/kaprocs.c
index 8a4914d..315096a 100644
--- a/src/kauth/kaprocs.c
+++ b/src/kauth/kaprocs.c
@@ -711,7 +711,7 @@ ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
     /* validate the request */
     request_time = ntohl(request.time);	/* reorder date */
     kvno = ntohl(request.kvno);
-    if (labs(request_time - time(NULL)) > KTC_TIME_UNCERTAINTY ||
+    if (check_ka_skew(request_time, time(NULL), KTC_TIME_UNCERTAINTY) ||
 	strncmp(request.label, KA_CPW_REQ_LABEL, sizeof(request.label)) ||
 	request.spare || kvno > MAXKAKVNO) {	/* these are reserved */
 	code = KABADREQUEST;
@@ -1143,7 +1143,7 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
     }
 #endif /* EXPIREPW */
 
-    if (request.time - now > KTC_TIME_UNCERTAINTY) {
+    if (check_ka_skew(request.time, now, KTC_TIME_UNCERTAINTY)) {
 #if 0
 	if (oanswer->MaxSeqLen < sizeof(afs_int32))
 	    code = KAANSWERTOOLONG;