| commit | 3b0856cab2b25624deb1f6e0e67637ba96a647ac | |
| author | Luke Howard <lukeh@padl.com> | |
| Thu, 23 Sep 2021 04:39:35 +0000 (23 14:39 +1000) | ||
| committer | Luke Howard <lukeh@padl.com> | |
| Thu, 23 Sep 2021 04:39:35 +0000 (23 14:39 +1000) | ||
| tree | cbe4f44a6a968e87aa850414bf071f56cc2e8511 | treesnapshot (tar.gz zip) |
| parent | 071b95e683d9bda7267f7bdd8d146ad2575f22b5 | commitdiff |
kdc: use ticket client name when signing PAC
The principal in the PAC_LOGON_NAME buffer is expected to match the client name
in the ticket. Previously we were setting this to the canonical client name,
which would have broken PAC validation if the client did not request name
canonicalization
The principal in the PAC_LOGON_NAME buffer is expected to match the client name
in the ticket. Previously we were setting this to the canonical client name,
which would have broken PAC validation if the client did not request name
canonicalization
| kdc/kerberos5.c | diffblobblamehistory |