[16103] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

[krbdev.mit.edu #8721] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Mon Aug 27 18:19:39 2018

Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Greg Hudson via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8721@krbdev.mit.edu>
Message-ID: <rt-8721-48781.18.0277280749967@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8721'":;
Date: Mon, 27 Aug 2018 18:19:31 -0400 (EDT)
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu

Don't tag S4U2Proxy result creds as user-to-user

S4U2Proxy and user-to-user tickets are both obtained using a
second-ticket input, but only user-to-user tickets are encrypted in
the session key of the second ticket.  In gc_via_tkt.c, stop deducing
the is_skey flag from the presence of a second ticket and instead set
it based on the request KDC options.

Author: Greg Hudson <ghudson@mit.edu>
Commit: 6d8c598d7c226b0fb594892b261386c37b47da1e
Branch: master
 src/lib/krb5/krb/gc_via_tkt.c |   10 ++++++----
 1 files changed, 6 insertions(+), 4 deletions(-)

krb5-bugs mailing list

home help back first fref pref prev next nref lref last post