[Freeipa-devel] [PATCHSET] 496 add some PAC verification
Simo Sorce
simo at redhat.com
Thu Aug 2 15:28:59 UTC 2012
On Thu, 2012-08-02 at 13:25 +0200, Sumit Bose wrote:
> On Mon, Jul 16, 2012 at 06:54:26PM -0400, Simo Sorce wrote:
> > This patchset is about Ticket #2849
> >
> > The point is to verify that the PAC information we are getting from a
> > trusted realm is actually consistent with the information we know about
> > that trust relationship.
> >
> > The patchset adds a way to load trust information in the kdb driver
> > (first 2 patches), reorganizes a bit the code around PAC verification
> > and adds a filtering function to match realm with AD and SID data.
> >
> > Tested on my trust environment and seem to work fine.
>
> Works for me as well. ACK.
Pushed to master.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list