krb5-1.8 fails to verify MS PAC Checksum when AES 256 is used causing sshd to fail

[Greg Hudson]

On Fri, 2010-07-02 at 10:44 -0400, Douglas E. Engert wrote:
> But here is a patch that does work (only minimal testing was done):

I've fleshed out this patch to include appropriate safeties, committed
it to the trunk, and tagged it for pullup to 1.8.3.  Thanks for the
effort in narrowing this down to the point where it was easy for us.