[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha5-243-gfcabe24
Love Hörnquist Åstrand
lha at kth.se
Fri Aug 8 17:15:08 GMT 2008
>> If the client sends ETypeList with AES it better support AES in the
>> gss_api function.
>>
>> If you extract the keys from the gss-layer you have limit what
>> enctypes
>> the clients support, and then the bug is that ETypeList sends
>> enctypes
>> that the client doesn't support, ie the new
>> gss_krb5_set_allowable_enctypes() doesn't influce the list in
>> ETypeList.
>
> There's no ETypeList in the AP-REQ.
EtypeList is stored in authorization-data (type
KRB5_AUTHDATA_GSS_API_ETYPE_NEGOTIATION)
in the Autheticator, its sent by the client.
Love
More information about the samba-technical
mailing list