[1033] in Kerberos_V5_Development
Multiple salt-type support: What broke?
daemon@ATHENA.MIT.EDU (Richard Basch)
Tue Mar 26 17:19:32 1996
Date: Tue, 26 Mar 1996 17:18:58 -0500
To: krbdev@MIT.EDU
From: "Richard Basch" <basch@lehman.com>
It appears that the handling of multiple keys in the database with
multiple salts has recently broken. I have DES-CBC-CRC/V4 keys in the
database and it appears that I am failing to decrypt the keys now,
probably because it is assuming the V5 salt. Before, the server
returned to the client the correct salt, and the client used it. Using
two different versions of "kinit" with the same configuration compiled
in, it either works or it doesn't, so I suspect it was a libkrb5 change
that broke it.
Any clues? The logs don't seem to point to an obvious change, but a lot
has happened in the last two weeks.
Richard Basch
Sr. Developer/Analyst URL: http://web.mit.edu/basch/www/home.html
Lehman Brothers, Inc. Email: basch@lehman.com, basch@mit.edu
101 Hudson St., 33rd Floor Fax: +1-201-524-5828
Jersey City, NJ 07302-3988 Voice: +1-201-524-5049
