heimdal: remove KRB5_PADATA_CLIENT_CANONICALIZED handling
Stefan (metze) Metzmacher
metze at samba.org
Thu Mar 12 02:26:50 MDT 2015
here are some patches to remove the KRB5_PADATA_CLIENT_CANONICALIZED
from heimdal. This PADATA types uses number 133 which is now assigned to
PA-FX-COOKIE in rfc6113.
KRB5_PADATA_CLIENT_CANONICALIZED was specified in
but it was removed in the final rfc6806. The protection can be archived
by using FAST (rfc6113).
I noticed that our KDC uses KRB5_PADATA_CLIENT_CANONICALIZED in its
responses, while I improved the wireshark kerberos dissector.
has support for FAST (rfc6113) and a lot of other stuff from [MS-KILE],
[MS-SFU] and [MS-PAC].
These patches are also part of my master4-forest-ok branch
which Günther is currently reviewing.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: OpenPGP digital signature
More information about the samba-technical