git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
fcea535
)
s4:kdc: Add comment to clarify that we fetch the client claims
author
Joseph Sutton
<josephsutton@catalyst.net.nz>
Thu, 22 Jun 2023 23:55:24 +0000
(11:55 +1200)
committer
Stefan Metzmacher
<metze@samba.org>
Mon, 26 Jun 2023 11:10:31 +0000
(11:10 +0000)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source4/kdc/pac-glue.c
patch
|
blob
|
history
diff --git
a/source4/kdc/pac-glue.c
b/source4/kdc/pac-glue.c
index bd7c3ce634d2eeb80c9408b17c7c39f5aa687fea..e6fc630006a1d340ee58eea190ffdeb81a673978 100644
(file)
--- a/
source4/kdc/pac-glue.c
+++ b/
source4/kdc/pac-glue.c
@@
-2414,6
+2414,12
@@
krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx,
if (device_pac_is_trusted) {
krb5_data device_claims_data;
+
+ /*
+ * [MS-KILE] 3.3.5.7.4 Compound Identity: the client
+ * claims from the device PAC become the device claims
+ * in the new PAC.
+ */
code = krb5_pac_get_buffer(context, device_pac,
PAC_TYPE_CLIENT_CLAIMS_INFO,
&device_claims_data);