[11367] in Kerberos-V5-bugs
[krbdev.mit.edu #6653] SVN Commit
daemon@ATHENA.MIT.EDU (Tom Yu via RT)
Mon Feb 1 16:48:22 2010
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Tom Yu via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6653@krbdev.mit.edu>
Message-ID: <rt-6653-32341.13.2477618715009@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6653'":;"'AdminCc of krbdev.mit.edu Ticket #6653'":;@MIT.EDU
Date: Mon, 1 Feb 2010 16:48:20 -0500 (EST)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
With allow_weak_crypto=false, set_default_enctype_var() (helper
function for krb5_set_default_tgs_enctypes(), etc.) was rejecting any
application-provided enctype list that contained any weak enctype even
when valid strong enctypes were present. This broke some Samba
things. Filter the weak enctypes instead. Add test cases.
Reported to Debian by Holger Isenberg. (Debian bug #566977)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977
Thanks to Simo Sorce for testing.
http://src.mit.edu/fisheye/changelog/krb5/?cs=23681
Commit By: tlyu
Revision: 23681
Changed Files:
U trunk/src/lib/krb5/krb/init_ctx.c
U trunk/src/lib/krb5/krb/t_etypes.c
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
