wrong checksum type for arcfour-hmac-md5
Stefan (metze) Metzmacher
metze at samba.org
Thu Sep 16 04:22:38 EDT 2010
Am 15.09.2010 22:02, schrieb Greg Hudson:
> On Wed, 2010-09-15 at 15:48 -0400, Nicolas Williams wrote:
>> And which is easier to patch? I'm not sure. Typically I think of
>> servers as easier to patch than clients -- there's usually many more of
>> the latter than the former. But here it may well matter for the MIT
>> client side to interop with currently deployed Samba servers, for
>> various reasons.
>
> The bug in question is not about interoperating with Samba servers. If
> I understand correctly, it is about Samba client software, in
> combination with MIT krb5 libraries, interoperating with Windows
> servers, when the Samba client software does something patently
> incorrect.
The case that causes the problem, is a samba/cifs.ko client
using MIT krb5 libraries, with a windows KDC against a closed source
3rd party CIFS-Server.
The capture with the windows to windows traffic was just to show that
windows uses md5 checksums in authenticators instead of hmac-md5.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20100916/4c6bc0a5/attachment.bin
More information about the krbdev
mailing list