another similar enctype issue
Will Fiveash
William.Fiveash at sun.com
Sun Oct 2 23:57:44 EDT 2005
On Sun, Oct 02, 2005 at 10:47:17PM -0500, Will Fiveash wrote:
>
> 2. The KDC is then using the enctype found in the client key
> (des-cbc-md5) which may not be a literal match to that requested in
> the AS_REQ (des-cbc-crc). See return_etype_info2(). This appears to
> be a bug as the client code is doing a literal comparion of the
> padata enctype in the AS_REP with those it requested.
What I did not spell out completely is that the KDC is setting the
enctype in the padata PA-ETYPE-INFO2 to that of the client key which may
not literally be what was in the AS_REQ.
--
Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)
More information about the krbdev
mailing list