[krbdev.mit.edu #8867] git commit
Greg Hudson via RT
rt at KRBDEV-PROD-APP-1.mit.edu
Mon Jan 27 11:05:37 EST 2020
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8867 >
Fix KDC crash in handle_signticket
Commit d47f7dba3779c9e36e1dedaac830dac1dd248fb3 changed the parameters
passed to sign_authdata() for S4U2Proxy requests so that client is the
entry for the impersonated client (not the impersonator), and added a
new parameter for the impersonator entry. It should have changed the
call to handle_signticket() to use the impersonator entry. Fix the
handle_signticket() call, and change some parameter names to more
clearly indicate the flow of subject_server from process_tgs_req() to
handle_authdata() to its helpers.
[ghudson at mit.edu: edited commit message]
(cherry picked from commit 96e5d384acf174e6079b0aeeec14bd8100d24840)
https://github.com/krb5/krb5/commit/67bb22ac43198b173f16444468831b0e911e69cd
Author: Isaac Boukris <iboukris at gmail.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: 67bb22ac43198b173f16444468831b0e911e69cd
Branch: krb5-1.18
src/kdc/kdc_authdata.c | 29 +++++++++++++++--------------
src/kdc/kdc_util.h | 2 +-
src/tests/t_authdata.py | 39 +++++++++++++++++++++++++++++++++++++++
3 files changed, 55 insertions(+), 15 deletions(-)
More information about the krb5-bugs
mailing list