diff options
| author | Tom Yu <tlyu@mit.edu> | 2014-11-05 14:10:35 -0500 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2014-11-05 15:55:52 -0500 |
| commit | 38a31852c3e58f6e2f6b3b035a87f817d1db5537 (patch) | |
| tree | e2f5918d0e7349240a8bb9c1f85a2a67f12730bf | |
| parent | 16989828e9b9137b4f3c701962d838360f895636 (diff) | |
| download | krb5-38a31852c3e58f6e2f6b3b035a87f817d1db5537.tar.gz krb5-38a31852c3e58f6e2f6b3b035a87f817d1db5537.tar.xz krb5-38a31852c3e58f6e2f6b3b035a87f817d1db5537.zip | |
Remove des3 and arcfour from supported_enctypes
The des3 and arcfour (rc4) enctypes use weak string-to-key algorithms,
and should not be used for producing password-derived keys.
ticket: 7903
| -rw-r--r-- | src/include/osconf.hin | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/include/osconf.hin b/src/include/osconf.hin index 6f28bc3d6..922d7960f 100644 --- a/src/include/osconf.hin +++ b/src/include/osconf.hin @@ -101,8 +101,7 @@ #define KRB5_DEFAULT_SUPPORTED_ENCTYPES \ "aes256-cts-hmac-sha1-96:normal " \ - "aes128-cts-hmac-sha1-96:normal " \ - "des3-cbc-sha1:normal arcfour-hmac-md5:normal" + "aes128-cts-hmac-sha1-96:normal" #define MAX_DGRAM_SIZE 65536 |