[16478] in Kerberos-V5-bugs
[krbdev.mit.edu #8874] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Tue Feb 11 16:54:35 2020
From: "Greg Hudson via RT" <rt@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To:
Message-ID: <rt-4.4.4-57034-1581458056-1510.8874-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8874":;
Date: Tue, 11 Feb 2020 16:54:16 -0500
MIME-Version: 1.0
Reply-To: rt@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8874 >
Always use S4U2Proxy second ticket parsed authdata
When the KDC handles an S4U2Proxy request, if the KDB module returned
parsed authdata for the header ticket and not for the second ticket,
we could erroneously pass the header ticket's parsed authdata to
handle_authdata(). Make sure we always pass the parsed authdata for
the second ticket.
[ghudson@mit.edu: added comment; rewrote commit message]
(cherry picked from commit 21d823991a81d64af460ec62a98585c85534850b)
https://github.com/krb5/krb5/commit/91bb220f3ddfcb5b476396a92542faad8ce95e37
Author: Isaac Boukris <iboukris@gmail.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 91bb220f3ddfcb5b476396a92542faad8ce95e37
Branch: krb5-1.18
src/kdc/do_tgs_req.c | 12 +++++++++---
1 files changed, 9 insertions(+), 3 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
