Always treat the WELLKNOWN/ANONYMOUS principal as requiring pre-authentication. The anonymous draft depends on a pre-auth exchange to invoke pkinit.
ticket: 6623
target_version: 1.8
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23603
dc483132-0cff-0310-8789-
dd5450dbe970
goto errout;
}
enc_tkt_reply.client = request->client;
+ setflag(client.attributes, KRB5_KDB_REQUIRES_PRE_AUTH);
}
/*
* Check the preauthentication if it is there.