On 26 jul 2013, at 10:57, Sergio Gelato sergio.gel...@astro.su.se wrote:
* Andrew Deason [2013-07-25 14:35:58 -0500]:
On Thu, 25 Jul 2013 15:22:50 -0400 (EDT)
Benjamin Kaduk ka...@mit.edu wrote:
On Thu, 25 Jul 2013, Sergio Gelato wrote:
I've been poking a bit into this. First of all,
* Ragnar Sundblad [2013-07-26 11:43:57 +0200]:
On 26 jul 2013, at 10:57, Sergio Gelato sergio.gel...@astro.su.se wrote:
Secondly, the following patch is required:
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -183,9 +183,10 @@
}
}
if (clientbest !=
On 26 jul 2013, at 12:18, Sergio Gelato sergio.gel...@astro.su.se wrote:
* Ragnar Sundblad [2013-07-26 11:43:57 +0200]:
On 26 jul 2013, at 10:57, Sergio Gelato sergio.gel...@astro.su.se wrote:
Secondly, the following patch is required:
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@
* Ragnar Sundblad [2013-07-26 13:01:00 +0200]:
I believe you should change the test to also check that ret_key == NULL:
if (clientbest != ETYPE_NULL enctype == ETYPE_NUL ret_key ==
NULL) {
enctype = clientbest;
ret = 0;
}
since if there is no common
On Fri, Jul 26, 2013 at 7:33 AM, Sergio Gelato sergio.gel...@astro.su.sewrote:
* Ragnar Sundblad [2013-07-26 13:01:00 +0200]:
I believe you should change the test to also check that ret_key ==
NULL:
if (clientbest != ETYPE_NULL enctype == ETYPE_NUL
ret_key == NULL) {
Derrick Brashear sha...@gmail.com writes:
Sergio Gelato sergio.gel...@astro.su.sewrote:
I'm compiling my next (and hopefully final) iteration right now.
I went for this variant:
if (clientbest != (krb5_enctype)ETYPE_NULL
enctype == (krb5_enctype)ETYPE_NULL) {
On Fri, Jul 26, 2013 at 4:39 PM, Russ Allbery r...@stanford.edu wrote:
Derrick Brashear sha...@gmail.com writes:
Sergio Gelato sergio.gel...@astro.su.sewrote:
I'm compiling my next (and hopefully final) iteration right now.
I went for this variant:
if (clientbest !=
Hi,
In the cell rekeying instructions found at
http://openafs.org/pages/security/how-to-rekey.txt, there is a note for
sites using Heimdal KDCs. It mentions a bug present in certain versions
of the Heimdal KDC software which completely disables DES on the AFS
service principal when following
On Thu, 2013-07-25 at 09:11 -0400, step...@physics.unc.edu wrote:
Hi,
In the cell rekeying instructions found at
http://openafs.org/pages/security/how-to-rekey.txt, there is a note for
sites using Heimdal KDCs. It mentions a bug present in certain versions
of the Heimdal KDC software