kerberos_derive_salting_principal() is bogus code
jra at samba.org
Wed Jul 5 22:21:03 GMT 2006
On Wed, Jul 05, 2006 at 05:14:03PM -0500, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Unless I am badly mistaken, this is cannot work. I've even
> stepped though with gdb and we never actually succeed in derving
> the salting principal for DES keys. Here's why:
> kerberos_derive_salting_principal_for_enctype() sends a TGS
> for the proposed service principal and then tries to decrypt
> it with the passed in encytype. The problem
> is that the service ticket will always be sealed with the
> the strongest key associated with the principal which in
> an AD domain is always RC4-HMAC. But we always skip this
> enctype in kerberos_derive_salting_principal_direct().
> I just don't see any point to this code at all.
What if this were an smbclient kerborized connection
using an MIT kdc ? I do recall the person who sent
in this code originally was using an MIT kdc (although
I could have been mistaken, it was a while ago).
More information about the samba-technical