Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more heuristics for backwards JWT compat #301

Merged
merged 1 commit into from
Sep 14, 2022
Merged

Add more heuristics for backwards JWT compat #301

merged 1 commit into from
Sep 14, 2022

Conversation

simo5
Copy link
Member

@simo5 simo5 commented Sep 14, 2022

These additional heuristics help in case the calling application was correctly calssifying key usage, as this is another valid hitn of what the application intended.
Invalid key usage would already cause failure, so this does not affect the countermeasures introduced but can avoid issues in older applications.

@simo5
Add more heuristics for backwards JWT compat
e1c1c78 
These additional heuristics help in case the calling application was
correctly calssifying key usage, as this is another valid hitn of what
the application intended.
Invalid key usage would already cause failure, so this does not affect
the countermeasures introduced but can avoid issues in older
applications.

Signed-off-by: Simo Sorce <[email protected]>
@simo5
Copy link
Member Author

simo5 commented Sep 14, 2022

This has been independently tested to resolve issues in FreeIPA where the change caused a failure.

@simo5 simo5 merged commit c4e0bee into latchset:master Sep 14, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@simo5