On Thu, 23 Jul 2015, Christian Heimes wrote:
This patch removes the dependency on M2Crypto in favor for cryptography.
Cryptography is more strict about the key size and doesn't support
non-standard key sizes:

from M2Crypto import RC4
from ipaserver.dcerpc import arcfour_encrypt
arcfour_encrypt(b'key', b'data')
Traceback (most recent call last):
ValueError: Invalid key size (24) for RC4.

Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:

arcfour_encrypt(b'key12', b'data')
Note that we are using NTLMv2 or Kerberos user session keys which are
128 bit long in this context.

And please rework the spec file change as Honza noted.
/ Alexander Bokovoy

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to