git.ipfire.org Git - thirdparty/krb5.git/commit

]> git.ipfire.org Git - thirdparty/krb5.git/commit

projects / thirdparty / krb5.git / commit

author	Greg Hudson <ghudson@mit.edu>
	Wed, 13 May 2020 17:05:49 +0000 (13:05 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Thu, 14 May 2020 20:50:59 +0000 (16:50 -0400)
commit	d7ed635e822e13b89fef93463d1d132b1e03b78f
tree	205f1507b03e702ffd48d3e024ecce36b3945d47	tree
parent	58109348cfa70c44b2b36233c18f9bb02a94cf26	commit \| diff

Prevent use of invalid local TGT key

Commit 570967e11bd5ea60a82fc8157ad7d07602402ebb took a shortcut in
get_local_tgt() by using the first key data entry in the TGT principal
entry. This is usually correct, but if the first key data entry has
an invalid enctype (such as a single-DES enctype), we can select a key
we can't use. Call krb5_dbe_find_enctype() instead. Reported by
Leonard Peirce.

ticket: 8906
tags: pullup
target_version: 1.18-next

src/kdc/kdc_util.c

diff | blob | blame | history

Mirror of https://github.com/krb5/krb5.git

RSS Atom