Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Track first local TGT key in KDC code
Decrypt the first local TGT key in get_local_tgt() and save it in the AS and TGS processing functions. (As we now sort key data by descending kvno, this is guaranteed to be the most recent key.) Pass this key to the authdata and FAST cookie functions to simplify cookie encryption and authdata signing. Decryption and verification functions must still sometimes decrypt earlier keys to process tickets predating the last local TGT key rollover.
- Loading branch information
1 parent
e12e890
commit 570967e
Showing
7 changed files
with
198 additions
and
165 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.