Jacques A. Vidrine 
							
						 
					 
					
						
						
							
						
						6710968492 
					 
					
						
						
							
							[Dug this out of an email I sent November 2002.]  
						
						... 
						
						
						
						Currently, if the AS exchange uses PA-ENC-TIMESTAMP, a Heimdal client
will transmit the AS-REQ with one PA-ENC-TIMESTAMP for every supported
encryption type.  This is bad because:
   (1) An eavesdropper collecting this information for dictionary
       attacks will have his life made easier, since he can use
       DES (rather than a stronger crypto system).
   (2) Waste of CPU cycles on client.
   (3) (Maybe) cryptanalysis is assisted by capturing ciphtertexts
       that are known to be the same plaintext encrypted with the
       same key in several algorithms (though the confounder confounds
       this).
The KDC provides the list of etypes supported in PA-ETYPE-INFO in the
KRB-ERROR reply ... let's use the first one, eh?
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11646 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2003-02-16 06:41:25 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						ddc308c36f 
					 
					
						
						
							
							use ASN1_MALLOC_ENCODE  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11372 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2002-09-04 16:26:05 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						34a237bf21 
					 
					
						
						
							
							only set kdc_sec_offset if looking at an initial ticket  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11329 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2002-09-02 17:10:18 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						2c8ad9127f 
					 
					
						
						
							
							(krb5_init_etype): constify  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10912 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2002-04-18 09:11:39 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						9f1c66fe5f 
					 
					
						
						
							
							use krb5_enctype consistently.  From Ben Harris <bjh21@netbsd.org>  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10804 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2002-01-06 23:10:06 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						e935d25883 
					 
					
						
						
							
							(init_as_req): treat no addresses as wildcard  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10241 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2001-07-02 22:30:48 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						a7337f4e48 
					 
					
						
						
							
							(krb5_get_in_cred): clear error string when preauth was required and  
						
						... 
						
						
						
						we retry
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10004 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2001-05-27 23:53:25 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						d27aa3b62e 
					 
					
						
						
							
							add some krb5_{set,clear}_error_string  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9937 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2001-05-14 06:14:52 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						0cb28a090c 
					 
					
						
						
							
							(krb5_get_in_cred): set error strings for a few more errors  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9878 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2001-05-10 15:28:36 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						13758276e2 
					 
					
						
						
							
							(krb5_get_in_cred): set some sensible error strings for errors  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9848 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2001-05-07 05:28:34 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						accdd87f82 
					 
					
						
						
							
							check return value from krb5_crypto_init  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8975 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2000-08-18 06:50:26 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						def1f13529 
					 
					
						
						
							
							pa_* -> KRB5_PADATA_*  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8401 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2000-06-19 15:28:48 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						9c74183667 
					 
					
						
						
							
							(_krb5_extract_ticket): new parameter to determine whetever to ignore  
						
						... 
						
						
						
						client name of not.  always copy client name from kdc.  fix callers.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8014 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2000-03-04 15:57:38 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						209565763c 
					 
					
						
						
							
							update to new prototype of krb5_timeofday  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7857 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2000-02-06 05:20:51 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						db67429c81 
					 
					
						
						
							
							(add_padata): change types to make everything work out  
						
						... 
						
						
						
						(krb5_get_in_cred): remove const to make types match
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7740 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2000-01-06 20:36:28 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						c5b916ca6f 
					 
					
						
						
							
							remove advertising clause  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-12-02 17:05:13 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						4e5a924e40 
					 
					
						
						
							
							(krb5_get_in_cred): generate preauthentication information if we get  
						
						... 
						
						
						
						back ERR_PREAUTH_REQUIRED
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7358 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-11-12 16:12:52 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						fb7bb330b4 
					 
					
						
						
							
							type correctness  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6728 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-08-04 17:20:11 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						849381ffe0 
					 
					
						
						
							
							(add_padat): encrypt pre-auth data with all enctypes  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6411 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-07-04 15:42:35 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						5a2a11f6e6 
					 
					
						
						
							
							(krb5_init_etype): error check malloc properly  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6399 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-07-03 02:33:32 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						f4893f23f7 
					 
					
						
						
							
							(init_as_req): interpret `addrs' being an empty sit of list as to not  
						
						... 
						
						
						
						ask for any addresses.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6168 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-05-09 08:49:20 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						f4020ed93d 
					 
					
						
						
							
							(add_padata): loop over all enctypes instead of just taking the first  
						
						... 
						
						
						
						one.  fix all callers.  From "Brandon S. Allbery KF8NH"
<allbery@kf8nh.apk.net >
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5987 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-04-19 10:26:01 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						25271eab9d 
					 
					
						
						
							
							(init_as_req): pass context to krb5_get_all_client_addrs  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5840 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-04-01 18:25:20 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						4128fd5a71 
					 
					
						
						
							
							(krb5_get_in_cred): be more careful about freeing memory  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5754 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-03-24 22:26:42 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						ef4e99052c 
					 
					
						
						
							
							(krb5_init_etype): etypes are now `int'  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5367 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-02-15 21:04:46 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						aaae186ab9 
					 
					
						
						
							
							merge new-crypto branch  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5332 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1999-02-11 21:03:59 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						5ab42022ca 
					 
					
						
						
							
							Rename PA-KEY-INFO -> ETYPE-INFO.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4618 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-03-21 00:48:46 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						e247ceb526 
					 
					
						
						
							
							Remove unused variables.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4513 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-03-01 04:58:52 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						a616058c86 
					 
					
						
						
							
							(_krb5_extract_ticket): if time difference is larger than max_skew,  
						
						... 
						
						
						
						return KRB5KRB_AP_ERR_SKEW
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4387 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-02-12 04:19:15 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						440bf6aeb6 
					 
					
						
						
							
							Use krb5_decode_Enc{AS,TGS}RepPart.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4363 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-01-31 16:31:51 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						a99929c553 
					 
					
						
						
							
							Use krb5_convert_etype.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4354 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-01-22 23:32:52 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						1c967d721a 
					 
					
						
						
							
							Rename err' to ret'.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4352 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-01-22 23:27:21 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						1d3d76d40e 
					 
					
						
						
							
							Add better support for specifying what pre-authentication to use.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4348 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-01-22 22:32:47 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						11b249fe52 
					 
					
						
						
							
							Return error-packet to caller.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4337 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-01-21 03:18:22 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						2298d9a00c 
					 
					
						
						
							
							part1 -> kdc_rep, part2 -> enc_part  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4335 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-01-21 02:13:17 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						e51386b2bc 
					 
					
						
						
							
							Fix for new authdata.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4330 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-01-21 00:46:00 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						c4661ee937 
					 
					
						
						
							
							Handle pa-afs3-salt case.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4260 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1998-01-03 21:18:12 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						801efeb83e 
					 
					
						
						
							
							removed old comment  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4001 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-11-16 01:52:36 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						b7ebe1debf 
					 
					
						
						
							
							Rename krb5_free_keyblock to krb5_free_keyblock_contents.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3917 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-11-11 01:52:46 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						b39dc81ca1 
					 
					
						
						
							
							Make options parameter MIT-compatible.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3886 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-11-10 21:47:51 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						c145f0f8e4 
					 
					
						
						
							
							const and char cleanup  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3699 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-10-29 01:30:15 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						d659d5b10a 
					 
					
						
						
							
							use correct etype  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3585 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-10-13 15:18:52 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						1e000dca69 
					 
					
						
						
							
							Fix a lot of etype/keytype misuse.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3529 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-09-22 18:05:07 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						7e533905be 
					 
					
						
						
							
							(_krb5_extract_ticket): add allow_server_mismatch flag to not check  
						
						... 
						
						
						
						for correct server in the reply
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3459 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-09-10 19:19:06 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						d836b622df 
					 
					
						
						
							
							(krb5_get_in_cred): be more careful when checking for a v4 reply  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3379 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-09-04 02:44:22 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						cc604a140d 
					 
					
						
						
							
							extract_ticket -> _krb5_extract_ticket  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3277 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-08-29 02:36:31 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						1ac1ca1c73 
					 
					
						
						
							
							Check for v4 reply.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3209 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-08-28 00:01:46 +00:00 
						 
				 
			
				
					
						
							
							
								Assar Westerlund 
							
						 
					 
					
						
						
							
						
						3e09188f0a 
					 
					
						
						
							
							(krb5_get_in_cred): don't print out krb-error text  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3118 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-08-24 10:39:13 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						b4d0fa1d4c 
					 
					
						
						
							
							Mask nonce to 32 bits. Fix some type conflicts.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3094 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-08-24 04:34:46 +00:00 
						 
				 
			
				
					
						
							
							
								Johan Danielsson 
							
						 
					 
					
						
						
							
						
						502aa1fc08 
					 
					
						
						
							
							kvno for encrypt_EncryptedData  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3074 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						1997-08-21 18:45:44 +00:00