oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Only check service key for cross realm PACs.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20265 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2007-02-18 08:34:36 +00:00
parent 325f6037d7
commit 45ebb9c7f2
1 changed files with 12 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
kdc/krb5tgs.c
View File

@@ -1708,19 +1708,23 @@ server_lookup:
} }
/* check PAC if there is one */ /* check PAC if there is one */
if (!cross_realm) { {
Key *tkey; Key *tkey;
krb5_keyblock *tgtkey = NULL;
ret = hdb_enctype2key(context, &krbtgt->entry, if (!cross_realm) {
krbtgt_etype, &tkey); ret = hdb_enctype2key(context, &krbtgt->entry,
if(ret) { krbtgt_etype, &tkey);
kdc_log(context, config, 0, if(ret) {
"Failed to find key for krbtgt PAC check"); kdc_log(context, config, 0,
goto out; "Failed to find key for krbtgt PAC check");
goto out;
}
tgtkey = &tkey->key;
} }
ret = check_PAC(context, config, client_principal, ret = check_PAC(context, config, client_principal,
client, server, ekey, &tkey->key, client, server, ekey, tgtkey,
tgt, &rspac, &require_signedpath); tgt, &rspac, &require_signedpath);
if (ret) { if (ret) {
kdc_log(context, config, 0, kdc_log(context, config, 0,