oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

lib/krb5: Allow any kvno to match when searching the keytab.

Browse Source 
Windows does not use a KVNO when it checks it's passwords, and MIT
doesn't check the KVNO when no acceptor identity is specified (looping
over all keys in the keytab).

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
This commit is contained in:
Andrew Bartlett
2011-04-16 15:44:23 +10:00
committed by Love Hörnquist Åstrand
parent c5db78a3c2
commit 84bc108d8f
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/krb5/rd_req.c
View File

@@ -985,8 +985,7 @@ krb5_rd_req_ctx(krb5_context context,
goto out; goto out;
} }
if (entry.keyblock.keytype != ap_req.ticket.enc_part.etype || if (entry.keyblock.keytype != ap_req.ticket.enc_part.etype) {
(kvno && kvno != entry.vno)) {
krb5_kt_free_entry (context, &entry); krb5_kt_free_entry (context, &entry);
continue; continue;
} }