[krbdev.mit.edu #5400] SVN Commit
Jeffrey Altman via RT
rt-comment at krbdev.mit.edu
Thu Jan 18 07:44:04 EST 2007
When validating a Kerberos 5 principal name, the request
to the KDC should not request forwardable, renewable, or
proxiable options as these may be blocked by policy and
will result in the return of an error.
Always treat the Kerberos 5 principal name as valid
unless the KDC returns an error that clearly indicates that
the principal name does not exist.
Use a MEMORY: ccache for temporary storage instead of an
API: ccache.
Initialize pointer values with NULL instead of 0.
Commit By: jaltman
Revision: 19069
Changed Files:
U trunk/src/windows/identity/plugins/krb5/krb5funcs.c
U trunk/src/windows/identity/plugins/krb5/krb5identpro.c
U trunk/src/windows/identity/plugins/krb5/krb5newcreds.c
More information about the krb5-bugs
mailing list