Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
------------------------------------------------------------------------ r24399 | ghudson | 2010-09-30 23:45:43 -0400 (Thu, 30 Sep 2010) | 12 lines ticket: 6768 subject: GSSAPI forwarded credentials must be encrypted in session key target_version: 1.8.4 tags: pullup When IAKERB support was added, the krb5_mk_req checksum function gained access to the send subkey. This caused GSSAPI forwarded credentials to be encrypted in the subkey, which violates RFC 4121 section 4.1.1 and is not accepted by Microsoft's implementation. Temporarily null out the send subkey in the auth context so that krb5_mk_ncred uses the session key instead. ticket: 6768 version_fixed: 1.8.4 target_version: 1.8.4 status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@24460 dc483132-0cff-0310-8789-dd5450dbe970
- Loading branch information