[15952] in Kerberos_V5_Development
Re: krb5-1.8 fails to verify MS PAC Checksum when AES 256 is used
daemon@ATHENA.MIT.EDU (Luke Howard)
Thu Jul 1 10:25:52 2010
Mime-Version: 1.0 (Apple Message framework v1078)
Content-Type: multipart/mixed; boundary=Apple-Mail-102--960574498
From: Luke Howard <lukeh@padl.com>
In-Reply-To: <4C2C9A55.4010305@anl.gov>
Date: Thu, 1 Jul 2010 16:25:36 +0200
Message-Id: <4749DBFD-43AE-493C-85A1-4099AC41613C@padl.com>
To: "Douglas E. Engert" <deengert@anl.gov>
Cc: "krbdev@mit.edu List" <krbdev@mit.edu>
Errors-To: krbdev-bounces@mit.edu
--Apple-Mail-102--960574498
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
See attached, untested patch. This could be optimised by mapping the =
checksum type to an enctype (is there API for this?) and then calling =
krb5_kt_get_entry() rather than enumerating the keytab, but we still =
need to enumerate the keytab if server =3D=3D NULL to handle aliases.
-- Luke
--Apple-Mail-102--960574498
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
--Apple-Mail-102--960574498--