Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: ghudson@mit.edu
Subject: git commit
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 1196


In KDC, log client principal in bad header ticket

Fix KDC logging to include client principal in TGS_REQ logging even
during error conditions such as "Ticket expired".  As long as the
TGS_REQ can be decrypted and the client principal is available, it
should be included in the log, regardless of other errors which might
be detected.

krb5_rd_req_decoded and krb5_rd_req_decoded_anyflag (not public
interfaces) now leave the decrypted ticket in req->ticket->enc_part2
on success or failure, if the ticket was successfully decrypted.  This
does not affect the behavior of krb5_rd_req.

[ghudson@mit.edu: removed extraneous change, added commit message
summary and description of internal API change, fixed possible memory
leak, removed comment and #if 0 code block of purely historical
interest]

https://github.com/krb5/krb5/commit/f07516a9f65207b1fb2f9f07b1ec7d3caa51c6be
Author: rbasch <probe@tardis.internal.bright-prospects.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: f07516a9f65207b1fb2f9f07b1ec7d3caa51c6be
Branch: master
 src/kdc/kdc_util.c            |   20 ++++++++++++++++++--
 src/lib/krb5/krb/rd_req_dec.c |    7 -------
 2 files changed, 18 insertions(+), 9 deletions(-)