[16463] in Kerberos-V5-bugs

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[krbdev.mit.edu #8867] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Mon Jan 27 11:06:02 2020

From: "Greg Hudson via RT" <rt@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: 
Message-ID: <rt-4.4.4-23848-1580141137-247.8867-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8867":;
Date: Mon, 27 Jan 2020 11:05:37 -0500
MIME-Version: 1.0
Reply-To: rt@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu


<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8867 >


Fix KDC crash in handle_signticket

Commit d47f7dba3779c9e36e1dedaac830dac1dd248fb3 changed the parameters
passed to sign_authdata() for S4U2Proxy requests so that client is the
entry for the impersonated client (not the impersonator), and added a
new parameter for the impersonator entry.  It should have changed the
call to handle_signticket() to use the impersonator entry.  Fix the
handle_signticket() call, and change some parameter names to more
clearly indicate the flow of subject_server from process_tgs_req() to
handle_authdata() to its helpers.

[ghudson@mit.edu: edited commit message]

(cherry picked from commit 96e5d384acf174e6079b0aeeec14bd8100d24840)

https://github.com/krb5/krb5/commit/67bb22ac43198b173f16444468831b0e911e69cd
Author: Isaac Boukris <iboukris@gmail.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 67bb22ac43198b173f16444468831b0e911e69cd
Branch: krb5-1.18
 src/kdc/kdc_authdata.c  |   29 +++++++++++++++--------------
 src/kdc/kdc_util.h      |    2 +-
 src/tests/t_authdata.py |   39 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 55 insertions(+), 15 deletions(-)

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs

home	help	back	first	fref	pref	prev	next	nref	lref	last	post