df62ac0 PAC: krb5_pac_verify failures should not be fatal

Authored and Committed by jhrozek 9 years ago
    PAC: krb5_pac_verify failures should not be fatal
    
    As noted in the MIT KRB5 documentation, some servers send PAC with no
    checksum, therefire the PAC validation should not be fatal, instead, we
    should treat a failure from krb5_pac_verify as if there was no PAC at
    all.
    
    Reported on sssd-devel by Thomas Sondergaard
    
    (cherry picked from commit 6e51d44a65b15c2f0491b0a8b452caac0bc00584)
    
        
file modified
+10 -1