[krbdev.mit.edu #8906] git commit
Greg Hudson via RT
rt at krbdev.mit.edu
Thu May 14 17:04:42 EDT 2020
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8906 >
Prevent use of invalid local TGT key
Commit 570967e11bd5ea60a82fc8157ad7d07602402ebb took a shortcut in
get_local_tgt() by using the first key data entry in the TGT principal
entry. This is usually correct, but if the first key data entry has
an invalid enctype (such as a single-DES enctype), we can select a key
we can't use. Call krb5_dbe_find_enctype() instead. Reported by
Leonard Peirce.
https://github.com/krb5/krb5/commit/d7ed635e822e13b89fef93463d1d132b1e03b78f
Author: Greg Hudson <ghudson at mit.edu>
Commit: d7ed635e822e13b89fef93463d1d132b1e03b78f
Branch: master
src/kdc/kdc_util.c | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
More information about the krb5-bugs
mailing list