]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 297535b) | patch
Allow u2u requests when -allow_svr is set 818/head
authorChris Hecker <checker@d6.com>
Wed, 25 Jul 2018 05:57:23 +0000 (00:57 -0500)
committerGreg Hudson <ghudson@mit.edu>
Fri, 27 Jul 2018 15:45:37 +0000 (11:45 -0400)
commit23dc2efc6419c7abbac183a46ed89a16be33a48a
tree6b4333cb417298b67c9add3ab14ba393618c4aeetree
parent297535b72177dcced036b78107e9d0e37781c7a3commit | diff
Allow u2u requests when -allow_svr is set

If KRB5_KDB_DISALLOW_SVR is set on the server principal, still allow
user-to-user tickets to be issued unless KRB5_KDB_DISALLOW_DUP_SKEY is
also set.  This change makes the KDC_ERR_MUST_USE_USER2USER error
message more appropriate.

ticket: 2641

[ghudson@mit.edu: added test case; updated documentation based on
suggestions by Patrick Moore; edited commit message]
doc/admin/admin_commands/kadmin_local.rst diff | blob | blame | history
doc/admin/conf_files/kdc_conf.rst diff | blob | blame | history
src/appl/user_user/t_user2user.py diff | blob | blame | history
src/kdc/tgs_policy.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git