]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 34ba677) | patch
Allow KDC to canonicalize realm in TGS client 1108/head
authorGreg Hudson <ghudson@mit.edu>
Wed, 26 Aug 2020 20:49:37 +0000 (16:49 -0400)
committerGreg Hudson <ghudson@mit.edu>
Tue, 3 Nov 2020 15:26:00 +0000 (10:26 -0500)
commit04c2b7415d62913845f31dc5b0d4051291e4d6d4
tree6c4d28409a0fcace2f1d0d2757c2ef3d0bfe40e0tree
parent34ba67714db6079021c66a2bbd398dd23968d438commit | diff
Allow KDC to canonicalize realm in TGS client

Active Directory canonicalizes the srealm field of TGS replies,
whether or not the client requests canonicalization.  Allow this for
regular TGS and S4U2Self referrals queries by comparing only the name
part of the service principal.  The S4U2Proxy code is already correct.

ticket: 8943 (new)
src/lib/krb5/krb/get_creds.c diff | blob | blame | history
src/lib/krb5/krb/s4u_creds.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git