[krbdev.mit.edu #8859] git commit
Greg Hudson via RT
rt-comment at KRBDEV-PROD-APP-1.mit.edu
Sat Dec 28 01:16:26 EST 2019
Sat Dec 28 01:16:26 2019: Request 8859 was acted upon.
Transaction: Ticket created by ghudson at mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson at mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8859 >
Remove KRB5_KDB_FLAG_ALIAS_OK
It is simpler and more consistent with Windows to let the KDB module
always return aliases, and use KDC logic (already present) to decide
whether to use the requested or canonical principal name in the
ticket.
With the removal of this flag, "kinit alias" (without the -C flag)
against the LDAP KDB module will issue a ticket for the alias name,
instead of failing with a "client not found" error.
[ghudson at mit.edu: edited comments; wrote commit message]
https://github.com/krb5/krb5/commit/ac8865a22138ab0c657208c41be8fd6bc7968148
Author: Isaac Boukris <iboukris at gmail.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: ac8865a22138ab0c657208c41be8fd6bc7968148
Branch: master
src/include/kdb.h | 14 +++-----------
src/kdc/do_as_req.c | 7 +------
src/kdc/do_tgs_req.c | 1 -
src/kdc/kdc_preauth.c | 2 +-
src/kdc/kdc_util.c | 5 ++---
src/lib/kadm5/srv/server_kdb.c | 3 +--
src/lib/kdb/kdb5.c | 3 +--
src/lib/kdb/kdb_default.c | 3 +--
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c | 15 ++++++---------
src/plugins/kdb/test/kdb_test.c | 14 +++++---------
src/tests/t_kdb.py | 5 +++--
11 files changed, 24 insertions(+), 48 deletions(-)
More information about the krb5-bugs
mailing list