mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-22 23:23:30 -06:00
Filter out constrained delegation ACL from KDB entry
Commit f78dc0b163
was missing an exception for the constrained
delegation ACL TL data type during the principal entry update operation.
This ACL is not meant to be stored as encoded data in krbExtraData.
Signed-off-by: Julien Rische <jrische@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
parent
3f1b373cb2
commit
545a363dd2
@ -2063,6 +2063,7 @@ done:
|
||||
static bool should_filter_out_attr(krb5_tl_data *data)
|
||||
{
|
||||
switch (data->tl_data_type) {
|
||||
case KRB5_TL_CONSTRAINED_DELEGATION_ACL:
|
||||
case KRB5_TL_DB_ARGS:
|
||||
case KRB5_TL_KADM_DATA:
|
||||
case KRB5_TL_LAST_ADMIN_UNLOCK:
|
||||
|
Loading…
Reference in New Issue
Block a user