[28695] in CVS-changelog-for-Kerberos-V5

home help back first fref pref prev next nref lref last post

krb5 commit: Remove special case for multi-hop SAM-2

daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Jan 28 17:37:32 2015

Date: Wed, 28 Jan 2015 17:37:25 -0500
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201501282237.t0SMbPde013504@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/922f7d1230fe647821d9767fafef3774c5cfd2fc
commit 922f7d1230fe647821d9767fafef3774c5cfd2fc
Author: Greg Hudson <ghudson@mit.edu>
Date:   Mon Jan 26 22:34:49 2015 -0500

    Remove special case for multi-hop SAM-2
    
    Revert f20a77e879d203cdcb1bdbf9dc8e604a5187c88f (issue #7571).  The
    special case is no longer needed, as we are now resetting the tried
    list for each KDC_ERR_PREAUTH_REQUIRED message.

 src/lib/krb5/krb/preauth2.c |    5 -----
 1 files changed, 0 insertions(+), 5 deletions(-)

diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c
index 8745cb1..783bb31 100644
--- a/src/lib/krb5/krb/preauth2.c
+++ b/src/lib/krb5/krb/preauth2.c
@@ -560,11 +560,6 @@ already_tried(krb5_context context, krb5_preauthtype pa_type)
     size_t count;
     krb5_preauthtype *newptr;
 
-    /* Allow multi-hop SAM-2 exchanges using repeated preauth-required errors
-     * for historical compatibility. */
-    if (pa_type == KRB5_PADATA_SAM_CHALLENGE_2)
-        return FALSE;
-
     for (count = 0; pctx->tried != NULL && pctx->tried[count] != 0; count++) {
         if (pctx->tried[count] == pa_type)
             return TRUE;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5

home help back first fref pref prev next nref lref last post