[Heimdal-source-changes] [heimdal/heimdal] cdd0b7: kdc: don't misidentify constrained delegation requ...
Luke Howard
noreply at github.com
Mon Juni 3 06:42:24 CEST 2019
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: cdd0b70d37d87026e8618ff44b8d636c0bf9cb6c
https://github.com/heimdal/heimdal/commit/cdd0b70d37d87026e8618ff44b8d636c0bf9cb6c
Author: Luke Howard <lukeh at padl.com>
Date: 2019-06-03 (Mon, 03 Jun 2019)
Changed paths:
M kdc/kerberos5.c
M kdc/krb5tgs.c
Log Message:
-----------
kdc: don't misidentify constrained delegation requests as anonymous
Earlier (pre-7.6) Heimdal clients would send both the request-anonymous and
cname-in-addl-tkt flags for constrained delegation requests. A true anonymous
TGS request will only have the former flag set. Do not treat TGS requests with
both flags set as anonymous requests.
More information about the Heimdal-source-changes
mailing list