[16295] in Kerberos-V5-bugs
[krbdev.mit.edu #8804] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Tue May 14 01:56:07 2019
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: Greg Hudson via RT <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8804@krbdev.mit.edu>
Message-ID: <rt-8804-49422.17.9793207960417@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8804'":;
Date: Tue, 14 May 2019 01:55:59 -0400
MIME-Version: 1.0
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Remove checksum type profile variables
Remove support for the krb5.conf relations ap_req_checksum_type,
kdc_req_checksum_type, and safe_checksum_type. These values were
useful for interoperating with very old KDCs, which should no longer
be deployed.
Additionally, kdc_req_checksum_type was incorrectly documented as only
applying to single-DES keys; in practice it also worked for RC4. The
other two were not clearly documented, but safe_checksum_type did
allow use of hmac-md5-rc4 for any enctype, and ap_req_checksum_type
did not impose any limitations.
[ghudson@mit.edu: edited commit message]
https://github.com/krb5/krb5/commit/a5a140dc85201faf1ba3a687553058354722a1b4
Author: Robbie Harwood <rharwood@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: a5a140dc85201faf1ba3a687553058354722a1b4
Branch: master
doc/admin/conf_files/krb5_conf.rst | 37 --------------
src/include/k5-int.h | 6 --
src/lib/krb5/krb/auth_con.c | 2 -
src/lib/krb5/krb/init_ctx.c | 13 -----
src/lib/krb5/krb/send_tgs.c | 19 +-------
src/lib/krb5/krb/ser_ctx.c | 38 +--------------
src/lib/krb5/krb/t_copy_context.c | 6 --
src/man/krb5.conf.man | 92 ++---------------------------------
8 files changed, 8 insertions(+), 205 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
