]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d5002c3) | patch
kdc: remove KRB5SignedPath, to be replaced with PAC
authorIsaac Boukris <iboukris@gmail.com>
Mon, 28 Dec 2020 20:07:10 +0000 (22:07 +0200)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 14 Oct 2021 18:59:31 +0000 (18:59 +0000)
commitccabc7f16cca5b0dcb46233e934e708167f1071b
tree4a5a054102e339de13a0ee94146d79e37c9c10a5tree
parentd5002c34ce1ffef795dc83af3175ca0e04d17dfdcommit | diff
kdc: remove KRB5SignedPath, to be replaced with PAC

KRB5SignedPath was a Heimdal-specific authorization data element used to
protect the authenticity of evidence tickets when used in constrained
delegation (without a Windows PAC).

Remove this, to be replaced with the Windows PAC which itself now supports
signing the entire ticket in the TGS key.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Backported from Heimdal commit
 bb1d8f2a8c2545bccdf2c9179ce9259bf1050086
 - Removed tests
 - Removed auditing hook (only present in Heimdal master)
 - Added knownfails
]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
selftest/knownfail_heimdal_kdc diff | blob | blame | history
source4/heimdal/kdc/kerberos5.c diff | blob | blame | history
source4/heimdal/kdc/krb5tgs.c diff | blob | blame | history
source4/heimdal/lib/asn1/krb5.asn1 diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git