Windows 2008 R2 problems
Markus Moeller
huaraz at moeller.plus.com
Sat Oct 30 08:44:15 EDT 2010
Stepping through the debugger. I get an error here:
in krb5int_dk_decrypt from dk_aead.c using MIT 1.8.3
260
261 /* Compare only the possibly truncated length. */
262 if (memcmp(cksum, trailer->data.data, hmacsize) != 0) {
263 ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
264 goto cleanup;
265 }
which I think does not relate to the new mech type. Any idea what to look
for ?
Thank you
Markus
"Markus Moeller" <huaraz at moeller.plus.com> wrote in message
news:iafjbr$soe$1 at dough.gmane.org...
>
> "Simo Sorce" <ssorce at redhat.com> wrote in message
> news:20101029175054.721e9fa9 at willson.li.ssimo.org...
>> On Fri, 29 Oct 2010 22:26:36 +0100
>> "Markus Moeller" <huaraz at moeller.plus.com> wrote:
>>
>>> Hi
>>>
>>> I try to use a Windows 2008 R2 server together with MIT libraries
>>> 1.8.1 for Negotiate authentication. It works fine with 2008 but 2008
>>> R2 seems to have implemented
>>> http://www.ietf.org/id/draft-zhu-negoex-02.txt which uses a new
>>> mechtype 1.3.6.1.4.1.311.2.2.30. Is this supported/tested with MIT
>>> 1.8.1 ?
>>
>> NEGOEX is not implemented by any MIT version at this stage.
>>
>
> So will it be ignored or does it create an error ?
>
>> Simo.
>>
>> --
>> Simo Sorce * Red Hat, Inc * New York
>> ________________________________________________
>> Kerberos mailing list Kerberos at mit.edu
>> https://mailman.mit.edu/mailman/listinfo/kerberos
>>
>
> Thank you
> Markus
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list