oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Allow weak only for windows 2000 KDCs.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24823 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2009-02-27 03:25:12 +00:00
parent 3ba1f9ab68
commit 8c21864ae3
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/krb5/pkinit.c
View File

@@ -1133,6 +1133,7 @@ pk_rd_pa_reply_enckey(krb5_context context,
struct krb5_pk_cert *host = NULL;
krb5_data content;
heim_oid contentType = { 0, NULL };
int flags = HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT;
if (der_heim_oid_cmp(oid_id_pkcs7_envelopedData(), dataType)) {
krb5_set_error_message(context, EINVAL,
@@ -1140,9 +1141,12 @@ pk_rd_pa_reply_enckey(krb5_context context,
return EINVAL;
}
if (ctx->type == PKINIT_WIN2K)
flags |= HX509_CMS_UE_ALLOW_WEAK;
ret = hx509_cms_unenvelope(ctx->id->hx509ctx,
ctx->id->certs,
HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT,
flags,
indata->data,
indata->length,
NULL,