[krbdev.mit.edu #7929] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Mon Jun 2 18:53:34 EDT 2014
Check names in the server's cert when using KKDCP
When we connect to a KDC using an HTTPS proxy, check that the naming
information in the certificate matches the name or address which we
extracted from the server URL in the configuration.
https://github.com/krb5/krb5/commit/f7825e81b1ebf533c1dba9f84ae9ad36073a89cf
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: f7825e81b1ebf533c1dba9f84ae9ad36073a89cf
Branch: master
src/include/k5-trace.h | 5 +
src/lib/krb5/os/Makefile.in | 3 +
src/lib/krb5/os/checkhost.c | 251 ++++++++++++++++++++++++++++++++++++++++++
src/lib/krb5/os/checkhost.h | 39 +++++++
src/lib/krb5/os/deps | 14 ++-
src/lib/krb5/os/sendto_kdc.c | 53 ++++++++--
6 files changed, 355 insertions(+), 10 deletions(-)
More information about the krb5-bugs
mailing list