krb5 commit: Remove des3 and arcfour from supported_enctypes
Tom Yu
tlyu at mit.edu
Wed Nov 5 18:52:52 EST 2014
https://github.com/krb5/krb5/commit/38a31852c3e58f6e2f6b3b035a87f817d1db5537
commit 38a31852c3e58f6e2f6b3b035a87f817d1db5537
Author: Tom Yu <tlyu at mit.edu>
Date: Wed Nov 5 14:10:35 2014 -0500
Remove des3 and arcfour from supported_enctypes
The des3 and arcfour (rc4) enctypes use weak string-to-key algorithms,
and should not be used for producing password-derived keys.
ticket: 7903
src/include/osconf.hin | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/src/include/osconf.hin b/src/include/osconf.hin
index 6f28bc3..922d796 100644
--- a/src/include/osconf.hin
+++ b/src/include/osconf.hin
@@ -101,8 +101,7 @@
#define KRB5_DEFAULT_SUPPORTED_ENCTYPES \
"aes256-cts-hmac-sha1-96:normal " \
- "aes128-cts-hmac-sha1-96:normal " \
- "des3-cbc-sha1:normal arcfour-hmac-md5:normal"
+ "aes128-cts-hmac-sha1-96:normal"
#define MAX_DGRAM_SIZE 65536
More information about the cvs-krb5
mailing list