krb5 commit: Remove special case for multi-hop SAM-2
Greg Hudson
ghudson at mit.edu
Wed Jan 28 17:37:25 EST 2015
https://github.com/krb5/krb5/commit/922f7d1230fe647821d9767fafef3774c5cfd2fc
commit 922f7d1230fe647821d9767fafef3774c5cfd2fc
Author: Greg Hudson <ghudson at mit.edu>
Date: Mon Jan 26 22:34:49 2015 -0500
Remove special case for multi-hop SAM-2
Revert f20a77e879d203cdcb1bdbf9dc8e604a5187c88f (issue #7571). The
special case is no longer needed, as we are now resetting the tried
list for each KDC_ERR_PREAUTH_REQUIRED message.
src/lib/krb5/krb/preauth2.c | 5 -----
1 files changed, 0 insertions(+), 5 deletions(-)
diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c
index 8745cb1..783bb31 100644
--- a/src/lib/krb5/krb/preauth2.c
+++ b/src/lib/krb5/krb/preauth2.c
@@ -560,11 +560,6 @@ already_tried(krb5_context context, krb5_preauthtype pa_type)
size_t count;
krb5_preauthtype *newptr;
- /* Allow multi-hop SAM-2 exchanges using repeated preauth-required errors
- * for historical compatibility. */
- if (pa_type == KRB5_PADATA_SAM_CHALLENGE_2)
- return FALSE;
-
for (count = 0; pctx->tried != NULL && pctx->tried[count] != 0; count++) {
if (pctx->tried[count] == pa_type)
return TRUE;
More information about the cvs-krb5
mailing list