[krbdev.mit.edu #8421] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Thu May 26 18:24:43 EDT 2016
Avoid setting AS key when OTP preauth fails
In otp_client_process(), call cb->set_as_key() later in the function
after the OTP request has been created. The previous position of this
call caused the AS key to be replaced even when later code in the
function failed, preventing other preauth mechanisms from retrieving
the correct AS key.
https://github.com/krb5/krb5/commit/0712d0059d72ddeaf1764f8fa173a321e3bc072d
Author: Nathaniel McCallum <npmccallum at redhat.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: 0712d0059d72ddeaf1764f8fa173a321e3bc072d
Branch: master
src/lib/krb5/krb/preauth_otp.c | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
More information about the krb5-bugs
mailing list