Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: tlyu@mit.edu
Subject: SVN Commit
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 957


pull up r23325, 23384 from trunk

 ------------------------------------------------------------------------
 r23384 | hartmans | 2009-11-30 09:14:47 -0500 (Mon, 30 Nov 2009) | 4 lines

 ticket: 6585

 Fix memory leak

 ------------------------------------------------------------------------
 r23325 | hartmans | 2009-11-23 20:05:30 -0500 (Mon, 23 Nov 2009) | 12 lines

 ticket: 6585
 subject: KDC MUST NOT accept ap-request armor in FAST TGS
 target_version: 1.7.1
 tags: pullup

 Per the latest preauth framework spec, the working group has decided
 to forbid ap-request armor in the TGS request because of security
 problems with that armor type.

 This commit was tested against an implementation of FAST TGS client to
 confirm that if explicit armor is sent, the request is rejected.

https://github.com/krb5/krb5/commit/d683ddfe24ee02a4d748b509d21142acced0fc8d
Commit By: tlyu
Revision: 23643
Changed Files:
U   branches/krb5-1-7/src/kdc/fast_util.c