Ran
|
Files
296
|
Run time
13s
|
Badge
Embed ▾
README BADGES
|
push
travis-ci
kdc: history of request_anonymous vs cname-in-addl-tkt confusion Drafts 0 through 10 of the Kerberos anonymity internet draft, https://tools.ietf.org/html/draft-ietf-krb-wg-anon, specified the TicketFlags.anonymous flag as bit 14 and the KDCOptions.anonymous flag as bit 14. These were changed to bit 16 by MIT after it was discovered that Microsoft used KDCOptions bit 14 for S4U2Proxy cname-in-addl-tkt. (Feb 2007) Heimdal added constrained delegation support prior to 1.0 but named the KDCOptions flag constrained_delegation instead of cname-in-addl-tkt as per MS-SFU. It also assigned bit 16 instead of bit 14. Perhaps this was done in the hope that the conflict with Microsoft would be resolved in favor of the IETF internet draft instead of the proprietary protocol extension. adf912182 ("Add PA-ClientCanonicalized and friends.") introduced the KDCOptions.constrained_delegation flag as bit 16. (June 2007) In order to make Heimdal's constrained delegation work with Microsoft's implementation Heimdal began to set both KDCOptions bits 14 and 16 when requesting constrained delegation. d5bb7a7c5 ("(krb5_get_creds): if KRB5_GC_CONSTRAINED_DELEGATION is set, set both") set both the anonymous and constrained_delegation TicketFlags when issuing a S4U2Proxy request. (June 2010) MIT reassigned the KDCOption.anonymous and TicketFlags.anonymous flags to bit 16. draft-ietf-krb-anon-11 was published with this change. (July 2014) After the release of Heimdal 1.5.0 and prior to 1.5.1 it was noticed that Heimdal's anonymous TGT support did not interoperate with MIT. 86554f5a7 ("Use correct value for anonymous flags") swapped the bit assignments for request_anonymous and constrained_delegation but failed to remove the setting of KDCOptions bit 16 ("anonymous") when requesting constrained delegation. (May 2019) Prior to the 7.6 release many corrections to Heimdal's anonym... (continued)
0 of 0 relevant lines covered (NaN%)
0.0 hits per line
Coverage | ∆ | File | Lines | Relevant | Covered | Missed | Hits/Line |
---|