| commit | ff31503bd41dd76c8d965b6a6c3e9904aa78c373 | |
| author | Isaac Boukris <iboukris@gmail.com> | |
| Mon, 28 Dec 2020 20:07:10 +0000 (28 22:07 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Wed, 27 Oct 2021 22:37:10 +0000 (27 22:37 +0000) | ||
| tree | b54667daaf89d254c268e127bd9217bed1b03df3 | treesnapshot (tar.gz zip) |
| parent | 6afc41b262ed2d308a89926c4f63139f26983d91 | commitdiff |
kdc: remove KRB5SignedPath, to be replaced with PAC
KRB5SignedPath was a Heimdal-specific authorization data element used to
protect the authenticity of evidence tickets when used in constrained
delegation (without a Windows PAC).
Remove this, to be replaced with the Windows PAC which itself now supports
signing the entire ticket in the TGS key.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14881
[jsutton@samba.org Backported from Heimdal commit
bb1d8f2a8c2545bccdf2c9179ce9259bf1050086
- Removed tests
- Removed auditing hook (only present in Heimdal master)
- Added knownfails
]
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit ccabc7f16cca5b0dcb46233e934e708167f1071b)
KRB5SignedPath was a Heimdal-specific authorization data element used to
protect the authenticity of evidence tickets when used in constrained
delegation (without a Windows PAC).
Remove this, to be replaced with the Windows PAC which itself now supports
signing the entire ticket in the TGS key.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14881
[jsutton@samba.org Backported from Heimdal commit
bb1d8f2a8c2545bccdf2c9179ce9259bf1050086
- Removed tests
- Removed auditing hook (only present in Heimdal master)
- Added knownfails
]
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit ccabc7f16cca5b0dcb46233e934e708167f1071b)