[Heimdal-source-changes] [heimdal/heimdal] 31c15c: kdc: get_pa_etype_info_both comply with RFC4120
GitHub
noreply at github.com
Mon Jan 7 05:29:24 CET 2019
Branch: refs/heads/jaltman/kdc-pa-etype-info-generation
Home: https://github.com/heimdal/heimdal
Commit: 31c15c0ca6b56735cd6c1f90ca0556239640ea04
https://github.com/heimdal/heimdal/commit/31c15c0ca6b56735cd6c1f90ca0556239640ea04
Author: Jeffrey Altman <jaltman at secure-endpoints.com>
Date: 2019-01-06 (Sun, 06 Jan 2019)
Changed paths:
M kdc/kerberos5.c
Log Message:
-----------
kdc: get_pa_etype_info_both comply with RFC4120
Heimdal's current behavior regarding the generation of PA-ETYPE-INFO2
and PA-ETYPE-INFO violates RFC4120 in two ways:
1. when generating responding both PA-ETYPE-INFO2 and PA-ETYPE-INFO
the hints returned in the inverse order: INFO then INFO2 instead
of INFO2 then INFO.
2. the determination that both PA-ETYPE-INFO2 and PA-ETYPE-INFO is
currently based upon the KDC selected enctype when it should be
determine based upon examining the entire enctype list specified
by the requesting client.
This change corrects the behavior to follow the RFC4120 guidance.
Change-Id: I6ebda8a813c25f9296f10314e32e93a22380ca72
**NOTE:** This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the Heimdal-source-changes
mailing list