[krbdev.mit.edu #8870] git commit
Greg Hudson via RT
rt-comment at KRBDEV-PROD-APP-1.mit.edu
Fri Jan 24 21:16:01 EST 2020
Fri Jan 24 21:16:01 2020: Request 8870 was acted upon.
Transaction: Ticket created by ghudson at mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson at mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8870 >
Honor transited-policy-checked flag in servers
For consistency with Heimdal and simplicity of server configuration,
do not check the transited field in krb5_rd_req() if the
transited-policy-checked flag is set in the ticket.
Add a cross-realm test using the gcred and rdreq harnesses to test
server transited processing. Also fix the KDC capaths case so that
the client actually doesn't know the path to the server realm. In
k5test.py, adjust _cfg_merge() to remove keys mapped to None in the
second dictionary (instead of mapping them to None in the result), so
that deleting whole sections works. Remove the corresponding check
for None in _write_cfg_section() as it is no longer needed.
https://github.com/krb5/krb5/commit/a5aa5969bc6ed404b86318b47c38dfc3d3aeb8df
Author: Greg Hudson <ghudson at mit.edu>
Commit: a5aa5969bc6ed404b86318b47c38dfc3d3aeb8df
Branch: master
src/lib/krb5/krb/rd_req_dec.c | 11 ++++++---
src/tests/gcred.c | 10 +++++++-
src/tests/t_crossrealm.py | 43 +++++++++++++++++++++++++++++++++++-----
src/util/k5test.py | 6 +++-
4 files changed, 56 insertions(+), 14 deletions(-)
More information about the krb5-bugs
mailing list