[Heimdal-source-changes] [heimdal/heimdal] 0141e7: Revert "kdc: move more name canonicalization logic...

GitHub noreply at github.com
Sön Jan 6 08:04:32 CET 2019 

  Branch: refs/heads/master
  Home:   https://github.com/heimdal/heimdal
  Commit: 0141e7a497ba9db45c5e2d422d9b8be78cbd1048
      https://github.com/heimdal/heimdal/commit/0141e7a497ba9db45c5e2d422d9b8be78cbd1048
  Author: Luke Howard <lukeh at padl.com>
  Date:   2019-01-06 (Sun, 06 Jan 2019)

  Changed paths:
    M kdc/kerberos5.c
    M lib/hdb/common.c

  Log Message:
  -----------
  Revert "kdc: move more name canonicalization logic to KDC"

This reverts commit 1b7e196e6608816d18ed81c6fff0383263877478.

It turns out that, contrary to the referrals draft, Windows does not
canonicalize enterprise principal names if the canonicalize KDC option is
unset.


  Commit: 4ea5cc2eff10a0750bfb6ed8424eaee08a528039
      https://github.com/heimdal/heimdal/commit/4ea5cc2eff10a0750bfb6ed8424eaee08a528039
  Author: Luke Howard <lukeh at padl.com>
  Date:   2019-01-06 (Sun, 06 Jan 2019)

  Changed paths:
    M kdc/kerberos5.c

  Log Message:
  -----------
  kdc: only set HDB_F_GET_KRBTGT when requesting TGS principal


  Commit: 9750f2d9152abb35d36a98795b272285c468dd28
      https://github.com/heimdal/heimdal/commit/9750f2d9152abb35d36a98795b272285c468dd28
  Author: Luke Howard <lukeh at padl.com>
  Date:   2019-01-06 (Sun, 06 Jan 2019)

  Changed paths:
    M lib/hdb/common.c

  Log Message:
  -----------
  hdb: force canonicalization of enterprise principal names

Whilst Windows does not canonicalize enterprise principal names if the
canonicalize flag is unset, the original specification in
draft-ietf-krb-wg-kerberos-referrals-03.txt says we should. Non-Windows
deployments of Heimdals are unlikely to understand enterprise principal names
in tickets, and are also unlikely to set the canonicalize flag, so this makes
sense. (It was also the behavior prior to moving the name canonicalization
logic into the KDC.)


Compare: https://github.com/heimdal/heimdal/compare/79f84913c9b3...9750f2d9152a
      **NOTE:** This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/

      Functionality will be removed from GitHub.com on January 31st, 2019.

More information about the Heimdal-source-changes mailing list