| commit | aabb937b46846922f70c2dc4cb95521d15f70764 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Fri, 24 Jun 2011 10:40:33 +0000 (24 12:40 +0200) | ||
| committer | Love Hörnquist Åstrand <lha@h5l.org> | |
| Sat, 23 Jul 2011 18:48:11 +0000 (23 11:48 -0700) | ||
| tree | 56c2d61da426dde9a9b56e3c82c96a41ac2fc028 | treesnapshot (tar.gz zip) |
| parent | 6cb0e817603b5598aaa9892ec640650092310290 | commitdiff |
kdc: don't allow self delegation if a backend check_constrained_delegation() hook is given
A service should use S4U2Self instead of S4U2Proxy.
Windows servers allow S4U2Proxy only to explicitly configured
target principals.
metze
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
A service should use S4U2Self instead of S4U2Proxy.
Windows servers allow S4U2Proxy only to explicitly configured
target principals.
metze
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
| kdc/krb5tgs.c | diffblobblamehistory |