| commit | 6c0306843d122e17b8289550a05a063ba9799070 | |
| author | Matthieu Hautreux <matthieu.hautreux@cea.fr> | |
| Wed, 4 Jun 2014 20:35:08 +0000 (4 22:35 +0200) | ||
| committer | Viktor Dukhovni <viktor1ghub@dukhovni.org> | |
| Tue, 8 Nov 2016 20:31:00 +0000 (8 15:31 -0500) | ||
| tree | 9aedad4005c82037620075bdfe26005e361eb691 | treesnapshot (tar.gz zip) |
| parent | a730c89376dadded8a8e53ca3b30761ed434c6c1 | commitdiff |
krb5tgs: let TGS_REQ with NULL caddr returns an addessless ticket
When processing a request, current tgs_make_reply uses the requested
set of addrs of the request to establish the set of addresses to
associate with the ticket in reply.
However, when the request input set of addrs is NULL, it reverts to
using the TGT set of addresses instead. As a result, it is not
possible to acquire an addressless TGS (or forwarded TGT) using a
TGT that is addressed.
This patch remove the fallback ensuring that a TGS_REQ with a set
of addrs set to NULL enables to acquire an addressless ticket.
When processing a request, current tgs_make_reply uses the requested
set of addrs of the request to establish the set of addresses to
associate with the ticket in reply.
However, when the request input set of addrs is NULL, it reverts to
using the TGT set of addresses instead. As a result, it is not
possible to acquire an addressless TGS (or forwarded TGT) using a
TGT that is addressed.
This patch remove the fallback ensuring that a TGS_REQ with a set
of addrs set to NULL enables to acquire an addressless ticket.
| kdc/krb5tgs.c | diffblobblamehistory |