]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2ca842d) | patch
Do not always canonicalize enterprise principals
authorIsaac Boukris <iboukris@gmail.com>
Sat, 2 Nov 2019 12:32:32 +0000 (13:32 +0100)
committerGreg Hudson <ghudson@mit.edu>
Sat, 28 Dec 2019 06:02:03 +0000 (01:02 -0500)
commit3f5955631a2056f8ec4d1ce73d9681fa7da061c2
tree15a8b529b447d4a6cae2f8b26e33e8ee56b6c39ftree | snapshot
parent2ca842d5cbd5981ab5fa50e418359763c9f1a6d5commit | diff
Do not always canonicalize enterprise principals

When processing an AS request in the KDC, do not assume
KRB5_KDB_FLAG_CANONICALIZE for enterprise client names.  This change
allows the KDB module to only canonicalize enterprise client names if
the canonicalize flag was set on the request, as Windows does.  The
KDB module may check the principal type and apply canonicalization as
appropriate.

[ghudson@mit.edu: edited comments; rewrote commit message]

ticket: 8858 (new)
src/include/kdb.h diff | blob | blame | history
src/kdc/do_as_req.c diff | blob | blame | history
src/tests/t_kdb.py diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git