[3188] in Kerberos-V5-bugs
krb5-kdc/933: krb524 only handles des-cbc-crc tickets
daemon@ATHENA.MIT.EDU (assar@sics.se)
Mon Mar 26 00:57:28 2001
Resent-From: gnats@rt-11.mit.edu (GNATS Management)
Resent-To: krb5-unassigned@rt-11.mit.edu
Resent-Reply-To: krb5-bugs@MIT.EDU, assar@sics.se
Message-Id: <200103260556.f2Q5u9c314731@ratatosk.pdc.kth.se>
Date: Mon, 26 Mar 2001 07:56:09 +0200 (CEST)
From: assar@sics.se
To: krb5-bugs@mit.edu
Cc: hartmans@mit.edu
>Number: 933
>Category: krb5-kdc
>Synopsis: krb524 only handles des-cbc-crc tickets
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Mon Mar 26 00:57:01 EST 2001
>Last-Modified:
>Originator: Assar Westerlund
>Organization:
heimdal hackers
>Release: krb5-1.2.2
>Environment:
any
>Description:
krb524 can only convert des-cbc-crc tickets and no other des enctyped ones
>How-To-Repeat:
Get some other kind of ticket and try to do 524
>Fix:
--- cnv_tkt_skey.c~ Wed Feb 28 23:07:28 2001
+++ cnv_tkt_skey.c Tue Mar 6 22:40:25 2001
@@ -84,7 +84,9 @@
return ret;
}
- if (v5etkt->session->enctype != ENCTYPE_DES_CBC_CRC ||
+ if ((v5etkt->session->enctype != ENCTYPE_DES_CBC_CRC &&
+ v5etkt->session->enctype != ENCTYPE_DES_CBC_MD4 &&
+ v5etkt->session->enctype != ENCTYPE_DES_CBC_MD5) ||
v5etkt->session->length != sizeof(C_Block)) {
if (krb524_debug)
fprintf(stderr, "v5 session keyblock type %d length %d != C_Block size %d\n",
>Audit-Trail:
>Unformatted:
