[Heimdal-source-changes] [heimdal/heimdal] 828dde: kdc: get_pa_etype_info_both comply with RFC4120
GitHub
noreply at github.com
Mon Jan 7 05:43:57 CET 2019
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: 828ddecd6134987a64729b01ec2d9c9e0ae4222e
https://github.com/heimdal/heimdal/commit/828ddecd6134987a64729b01ec2d9c9e0ae4222e
Author: Jeffrey Altman <jaltman at secure-endpoints.com>
Date: 2019-01-07 (Mon, 07 Jan 2019)
Changed paths:
M kdc/kerberos5.c
Log Message:
-----------
kdc: get_pa_etype_info_both comply with RFC4120
Heimdal's current behavior regarding the generation of PA-ETYPE-INFO2
and PA-ETYPE-INFO violates RFC4120 in two ways:
1. when generating responding both PA-ETYPE-INFO2 and PA-ETYPE-INFO
the hints returned in the inverse order: INFO then INFO2 instead
of INFO2 then INFO.
2. the determination that both PA-ETYPE-INFO2 and PA-ETYPE-INFO is
currently based upon the KDC selected enctype when it should be
determine based upon examining the entire enctype list specified
by the requesting client.
This change corrects the behavior to follow the RFC4120 guidance.
Change-Id: I6ebda8a813c25f9296f10314e32e93a22380ca72
**NOTE:** This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the Heimdal-source-changes
mailing list