[krbdev.mit.edu #7176] SVN Commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Fri Jun 15 14:43:59 EDT 2012
Use correct name-type in TGS-REQs for 2008R2 RODCs
Correctly set the name-type for the TGS principals to KRB5_NT_SRV_INST
in TGS-REQs. (Previously, only AS-REQs had the name-type set in this
way.) Windows Server 2008 R2 read-only domain controllers (RODCs)
insist on having the correct name-type for the TGS principal in
TGS-REQs as well as AS-REQs, at least for the TGT-forwarding case.
Thanks to Sebastian Galiano for reporting this bug and helping with
testing.
(back ported from commit 5994d8928b8ff88751b14bc60c7d7bfce8b30e57)
https://github.com/krb5/krb5/commit/442a15f9debdad1fc8ef7c79fe1ca9f3aa8e0cd7
Author: Tom Yu <tlyu at mit.edu>
Commit: 442a15f9debdad1fc8ef7c79fe1ca9f3aa8e0cd7
Branch: krb5-1.8
src/lib/krb5/krb/fwd_tgt.c | 12 ++++--------
src/lib/krb5/krb/tgtname.c | 19 +++++++++++++++----
2 files changed, 19 insertions(+), 12 deletions(-)
More information about the krb5-bugs
mailing list