[15952] in Kerberos_V5_Development

home help back first fref pref prev next nref lref last post

Re: krb5-1.8 fails to verify MS PAC Checksum when AES 256 is used

daemon@ATHENA.MIT.EDU (Luke Howard)
Thu Jul 1 10:25:52 2010

Mime-Version: 1.0 (Apple Message framework v1078)
Content-Type: multipart/mixed; boundary=Apple-Mail-102--960574498
From: Luke Howard <lukeh@padl.com>
In-Reply-To: <4C2C9A55.4010305@anl.gov>
Date: Thu, 1 Jul 2010 16:25:36 +0200
Message-Id: <4749DBFD-43AE-493C-85A1-4099AC41613C@padl.com>
To: "Douglas E. Engert" <deengert@anl.gov>
Cc: "krbdev@mit.edu List" <krbdev@mit.edu>
Errors-To: krbdev-bounces@mit.edu


--Apple-Mail-102--960574498
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

See attached, untested patch. This could be optimised by mapping the =
checksum type to an enctype (is there API for this?) and then calling =
krb5_kt_get_entry() rather than enumerating the keytab, but we still =
need to enumerate the keytab if server =3D=3D NULL to handle aliases.

-- Luke


--Apple-Mail-102--960574498
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev

--Apple-Mail-102--960574498--

home help back first fref pref prev next nref lref last post