oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Correct "not newer" etypes per RFC 4121

Browse Source 
Section 1 of RFC 4121 describes behavior which
    applies when using "newer" etypes, then goes on in
    table form to list etypes which are not newer.
    While it specifies it is ok to use new token formats
    when both initiator and acceptor are known to handle them,
    this code makes no such verification, and encoded an
    incorrect set of etypes as "not newer". Correct the list.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
This commit is contained in:
Derrick Brashear
2010-12-06 09:47:42 -05:00
committed by Love Hornquist Astrand
parent a7b851fad0
commit c5d0acb859
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/gssapi/krb5/accept_sec_context.c
View File

@@ -99,6 +99,7 @@ _gsskrb5i_is_cfx(krb5_context context, gsskrb5_ctx ctx, int acceptor)
case ETYPE_DES_CBC_MD4:
case ETYPE_DES_CBC_MD5:
case ETYPE_DES3_CBC_MD5:
case ETYPE_OLD_DES3_CBC_SHA1:
case ETYPE_DES3_CBC_SHA1:
case ETYPE_ARCFOUR_HMAC_MD5:
case ETYPE_ARCFOUR_HMAC_MD5_56: