[16434] in Kerberos-V5-bugs

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[krbdev.mit.edu #8858] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Sat Dec 28 01:16:28 2019

From: "Greg Hudson via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: 
Message-ID: <rt-4.4.4-101688-1577513778-407.8858-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8858":;
Date: Sat, 28 Dec 2019 01:16:18 -0500
MIME-Version: 1.0
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu


Sat Dec 28 01:16:18 2019: Request 8858 was acted upon.
 Transaction: Ticket created by ghudson@mit.edu
       Queue: krb5
     Subject: git commit
       Owner: ghudson@mit.edu
  Requestors: 
      Status: new
 Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8858 >



Do not always canonicalize enterprise principals

When processing an AS request in the KDC, do not assume
KRB5_KDB_FLAG_CANONICALIZE for enterprise client names.  This change
allows the KDB module to only canonicalize enterprise client names if
the canonicalize flag was set on the request, as Windows does.  The
KDB module may check the principal type and apply canonicalization as
appropriate.

[ghudson@mit.edu: edited comments; rewrote commit message]

https://github.com/krb5/krb5/commit/3f5955631a2056f8ec4d1ce73d9681fa7da061c2
Author: Isaac Boukris <iboukris@gmail.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 3f5955631a2056f8ec4d1ce73d9681fa7da061c2
Branch: master
 src/include/kdb.h   |   21 ++++++++++++---------
 src/kdc/do_as_req.c |    9 ++++-----
 src/tests/t_kdb.py  |   12 ++++++++++++
 3 files changed, 28 insertions(+), 14 deletions(-)

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs

home	help	back	first	fref	pref	prev	next	nref	lref	last	post