[krbdev.mit.edu #8139] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Mon Jun 15 16:44:01 EDT 2015
Use local TGT for AD-SIGNTICKET processing
Always use the first key of the local TGT to create the AD-SIGNTICKET
checksum, and try the first key of the last three kvnos of the local
TGT to verify the checksum.
https://github.com/krb5/krb5/commit/0c6498b2b9f4f4ad8b9f224714c84714425f2ca3
Author: Greg Hudson <ghudson at mit.edu>
Commit: 0c6498b2b9f4f4ad8b9f224714c84714425f2ca3
Branch: master
src/kdc/do_as_req.c | 1 +
src/kdc/do_tgs_req.c | 2 +-
src/kdc/kdc_authdata.c | 111 +++++++++++++++++++++++++++++++-----------------
src/kdc/kdc_util.h | 1 +
4 files changed, 75 insertions(+), 40 deletions(-)
More information about the krb5-bugs
mailing list