PAC verification fails for enterprise principals
Greg Hudson
ghudson at mit.edu
Wed Aug 23 21:11:49 EDT 2017
On 08/23/2017 07:19 PM, Stefan Metzmacher wrote:
> I found that krb5_pac_verify() fails if I asked for
> S4U2Self with an enterprise principal.
> I'd prefer to take over the logic from Heimal, if that's ok
> I'll prepare a patch for that.
That is probably fine. I can't easily verify that quoting problems
won't get in the way, but if it's not causing a problem for Heimdal then
it's probably fine.
More information about the krbdev
mailing list