| commit | 2996945de6cc6ab223da977b806ca7737c43ec7f | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Fri, 24 Jun 2011 10:40:33 +0000 (24 12:40 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Fri, 24 Jun 2011 16:53:49 +0000 (24 18:53 +0200) | ||
| tree | 64ec2f09bfab060fa0c07390a79c2536766daabf | treesnapshot (tar.gz zip) |
| parent | 7229b0d5b2515cc4d487b80f77dc532104aa68d3 | commitdiff |
HEIMDAL:kdc: don't allow self delegation if a backend check_constrained_delegation() hook is given
A service should use S4U2Self instead of S4U2Proxy.
Windows servers allow S4U2Proxy only to explicitly configured
target principals.
metze
A service should use S4U2Self instead of S4U2Proxy.
Windows servers allow S4U2Proxy only to explicitly configured
target principals.
metze
| source4/heimdal/kdc/krb5tgs.c | diffblobblamehistory |