Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix verification of RODC-issued PAC KDC signature
Per [MS-PAC] 2.8, PAC_SIGNATURE_DATA may contain an RODCIdentifier following the checksum. In k5_pac_verify_kdc_checksum(), do not assume that the checksum spans the remainder of the buffer; instead, look up the checksum length by its type. [ghudson@mit.edu: edited commit message and comment; reordered code for clarity] ticket: 9031 (new)
- Loading branch information