[19991] in Kerberos_V5_Development
Re: [kitten] Checking the transited list of a kerberos ticket in a
daemon@ATHENA.MIT.EDU (Stefan Metzmacher)
Thu Nov 21 10:57:38 2019
To: Greg Hudson <ghudson@mit.edu>, kitten@ietf.org,
Viktor Dukhovni <viktor1dane@dukhovni.org>,
Samba Technical <samba-technical@lists.samba.org>,
"krbdev@mit.edu Dev List" <krbdev@mit.edu>,
Isaac Boukris <iboukris@samba.org>
From: Stefan Metzmacher <metze@samba.org>
Message-ID: <7d798d4b-3ed6-14f7-e5ee-6da66d6dd309@samba.org>
Date: Thu, 21 Nov 2019 16:57:21 +0100
MIME-Version: 1.0
In-Reply-To: <0047cfe1-fd61-d160-f737-686ea42686e1@samba.org>
Content-Type: multipart/mixed; boundary="===============7077436777608902694=="
Errors-To: krbdev-bounces@mit.edu
--===============7077436777608902694==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="G1PbuGUWGGQvwJr3KLrBMF2rrO3e4sMlT"
--G1PbuGUWGGQvwJr3KLrBMF2rrO3e4sMlT
Content-Type: multipart/mixed; boundary="dZCDgadvdfvSp29FmZeNDM5hpTo12l8Po";
protected-headers="v1"
From: Stefan Metzmacher <metze@samba.org>
To: Greg Hudson <ghudson@mit.edu>, kitten@ietf.org,
Viktor Dukhovni <viktor1dane@dukhovni.org>,
Samba Technical <samba-technical@lists.samba.org>,
"krbdev@mit.edu Dev List" <krbdev@mit.edu>,
Isaac Boukris <iboukris@samba.org>
Message-ID: <7d798d4b-3ed6-14f7-e5ee-6da66d6dd309@samba.org>
Subject: Re: [kitten] Checking the transited list of a kerberos ticket in a
transitive cross-realm trust situation...
References: <f33d5f68-1fdc-c1bc-c702-70b054880bb4@samba.org>
<649fa812-aacf-80b6-1976-a719eca60fc2@mit.edu>
<33c431f5-c36b-c321-de3f-65977d8aa898@samba.org>
<007c29e8-02b9-4f48-f67e-881cb0985d64@mit.edu>
<69d80d24-d461-1652-3cfb-e55d90d31fbf@samba.org>
<ec067a72-313e-1878-33a0-a3259d2979d5@mit.edu>
<1503578184.3428.19.camel@redhat.com>
<db882372-aa1d-e58e-4c94-a268539bd2ee@samba.org>
<1503596189.3428.26.camel@redhat.com>
<F363B51E-FDF7-4C91-9ABD-B623B5CE97BC@dukhovni.org>
<8f68cfb0-2d6b-d86f-4ff0-a9282aa0bf55@samba.org>
<cb0d7433-9e23-5bce-4e06-1213bf88cade@samba.org>
<d50c2b41-d0de-b47a-b47b-781fe4b1abe3@samba.org>
<bfaf6ce7-5cb1-8d42-5b49-11b5e1c0b18f@mit.edu>
<0047cfe1-fd61-d160-f737-686ea42686e1@samba.org>
In-Reply-To: <0047cfe1-fd61-d160-f737-686ea42686e1@samba.org>
--dZCDgadvdfvSp29FmZeNDM5hpTo12l8Po
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Hi,
> I was able to finish all the tests and have a branch here:
> https://github.com/metze-samba/heimdal/tree/heimdal-no-transit-check
>=20
> I'll add a reference to this discussion into some commit messages
> and create a pull request shortly.
Here's the pull request.
https://github.com/heimdal/heimdal/pull/656
Issac can you please have a look at let me know if the modifications
to your changes are fine with you?
Thanks!
metze
--dZCDgadvdfvSp29FmZeNDM5hpTo12l8Po--
--G1PbuGUWGGQvwJr3KLrBMF2rrO3e4sMlT
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfFbGo3YXpfgryIw9DbX1YShpvVYFAl3Ws+EACgkQDbX1YShp
vVa1wQ/9EU9VRBLmGJkT5yWdBxzgkkPM3Ima79voCyN3g0uLcjxW9Xg4zw8zq2hR
WV/wTGuOsXVlIBBsVhfDFO2cblUuXiFzpgbPYMvVwmCv9I8nwylhLSGVzRb5AdCS
ES6jl5/T2AHCXs8MvHJ/rPs2HgsGioGmjuhfXxfwGlBB+3H1JXKGN//a54w0J6/C
4nuSvmYAEuxZuoJk3YaVWJDM+ri+skIuTQlROtyqOUP8iWjfjqHFGR+QgFXSKE9S
QDb7fT+JnOcafaWFJVlzGZbgih4g34BwsvJAimZUYLtS1TStLilIdOzfOpm7kRXf
8Bea9ConOuiHYkGLHX+fpZJyqiEc6wMs/mUPhV7yAoGcKBnNMTBXoEpEF9tn01hQ
grGg5Vb1aQEoCX5vGhRToXl0aZYS2RtCVQ4GBH2MZf1IDQ+8nRXxf3YvpLMvoqXa
oahE2ECbFWlOT5vvSCalVl6gY5gyGjvZMcLJ5ec+XCCzICUe8+HDFHR9qirakjMe
oj1feKtoGfJY3nCLv9F/JOCxzN1KqriWA1Yu8yAc+MM/GyaFmuOEc6nx+ehGUzx8
fCRGkHYbr8QGYDnJdaEFBL5vceoweSMpuUJ+yaH8VkRLbk6kU13WecmEv21HPFgR
a2MRMrNMz3Sd1H2ZEpygOiQSm/gVApOFTI1tocc15GFh013r1tw=
=jLrY
-----END PGP SIGNATURE-----
--G1PbuGUWGGQvwJr3KLrBMF2rrO3e4sMlT--
--===============7077436777608902694==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
--===============7077436777608902694==--
