[16343] in Kerberos-V5-bugs
[krbdev.mit.edu #8827] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Tue Aug 20 16:49:54 2019
From: "Greg Hudson via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To:
Message-ID: <rt-4.4.4-5918-1566334154-1995.8827-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8827":;
Date: Tue, 20 Aug 2019 16:49:14 -0400
MIME-Version: 1.0
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Tue Aug 20 16:49:14 2019: Request 8827 was acted upon.
Transaction: Ticket created by ghudson@mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson@mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8827 >
Change definition of KRB5_KDB_FLAG_CROSS_REALM
Set the CROSS_REALM flag if the header ticket was issued by a
different realm, instead of when the client is part of a different
realm. The affected corner cases are:
* In the final request of a cross-realm S4U2Self request, the header
ticket client is local but the header ticket was issued by a
different realm. The CROSS_REALM flag will now be set in this case.
* If a foreign client renews or validates a locally issued ticket, the
CROSS_REALM flag will no longer be set.
* If a foreign client requests a local TGT and then uses it to make a
request, the CROSS_REALM flag will no longer be set.
Also add a new flag KRB5_KDB_FLAG_ISSUING_REFERRAL, which is set when
the KDC decides to issue a referral or alternate TGT. Use the new
flag meanings to simplify S4U2Self processing.
[ghudson@mit.edu: edited comments and commit messages]
https://github.com/krb5/krb5/commit/e12e890f063f41bf8aef45e44a3ee329f64139d2
Author: Isaac Boukris <iboukris@gmail.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: e12e890f063f41bf8aef45e44a3ee329f64139d2
Branch: master
src/include/kdb.h | 14 +++++++++++---
src/kdc/do_tgs_req.c | 10 +++++-----
src/kdc/kdc_util.c | 13 ++++++-------
src/kdc/kdc_util.h | 3 +--
4 files changed, 23 insertions(+), 17 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
