On Sun, 15 Dec 2013, Glen Barber wrote:
On Mon, Dec 16, 2013 at 02:30:57AM +0000, Benjamin Kaduk wrote:
Author: bjk (doc committer)
Date: Mon Dec 16 02:30:56 2013
New Revision: 259449
URL: http://svnweb.freebsd.org/changeset/base/259449
Log:
MFC r259286,259424,259425:
Apply patch from upstream Heimdal for encoding fix
RFC 4402 specifies the implementation of the gss_pseudo_random()
function for the krb5 mechanism (and the C bindings therein).
The implementation uses a PRF+ function that concatenates the output
of individual krb5 pseudo-random operations produced with a counter
and seed. The original implementation of this function in Heimdal
incorrectly encoded the counter as a little-endian integer, but the
RFC specifies the counter encoding as big-endian. The implementation
initializes the counter to zero, so the first block of output (16 octets,
for the modern AES enctypes 17 and 18) is unchanged. (RFC 4402 specifies
that the counter should begin at 1, but both existing implementations
begin with zero and it looks like the standard will be re-issued, with
test vectors, to begin at zero.)
This breaks stable/8 build.
Looking...
-Ben
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
