git.ipfire.org Git - thirdparty/krb5.git/commit
Simplify preauth fallback disabling 1430/head
author Greg Hudson <ghudson@mit.edu>
Mon, 12 May 2025 20:21:05 +0000 (16:21 -0400)
committer Greg Hudson <ghudson@mit.edu>
Fri, 13 Jun 2025 19:26:28 +0000 (15:26 -0400)
commit df70aed645da58698466f5a8811a75873b85b5b2
tree 4a840fea0d1387ebe53f2ec1e84754075919e562
parent 6a7877183ef668d3b52df1f2926acc8be6f1c475
Simplify preauth fallback disabling

Remove the fallback_disabled field from krb5_init_creds_context, and
instead record the current preauth type as the only allowed preauth
type when a preauth module invokes the disable_fallback() method.

The previous method failed to prevent fallback when a KDC unexpectedly
responds with PREAUTH_REQUIRED partway through the preauth exchange.
Reported by Richard Silverman.
src/lib/krb5/krb/get_in_tkt.c
src/lib/krb5/krb/init_creds_ctx.h
src/lib/krb5/krb/preauth2.c