krb5.git - MIT Kerberos patches

diff options

author	Tom Yu <tlyu@mit.edu>	2010-02-01 21:48:19 +0000
committer	Tom Yu <tlyu@mit.edu>	2010-02-01 21:48:19 +0000
commit	15734117beac425fe4e7b5a513af497115eff687 (patch)
tree	4f9f6ab7672d1a0cb866f07b02b674a992a53173 /src/plugins/authdata
parent	89f378fe89c2cf51ba528827b9bd888d415a1746 (diff)
download	krb5-15734117beac425fe4e7b5a513af497115eff687.tar.gz krb5-15734117beac425fe4e7b5a513af497115eff687.tar.xz krb5-15734117beac425fe4e7b5a513af497115eff687.zip

set_default_enctype_var should filter not reject weak enctypes

With allow_weak_crypto=false, set_default_enctype_var() (helper function for krb5_set_default_tgs_enctypes(), etc.) was rejecting any application-provided enctype list that contained any weak enctype even when valid strong enctypes were present. This broke some Samba things. Filter the weak enctypes instead. Add test cases. Reported to Debian by Holger Isenberg. (Debian bug #566977) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977 Thanks to Simo Sorce for testing. ticket: 6653 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23681 dc483132-0cff-0310-8789-dd5450dbe970

Diffstat (limited to 'src/plugins/authdata')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: