[PATCH] Add KDC test to check cipher selection
Andreas Schneider
asn at samba.org
Wed Jul 6 10:13:49 UTC 2016
On Tuesday, 5 July 2016 17:10:54 CEST Andrew Bartlett wrote:
> On Mon, 2016-07-04 at 15:53 +0200, Andreas Schneider wrote:
> > Hello,
> >
> > Günther made a patch 2 years ago for Samba AD DC with MIT Kerberos.
> > Metze
> > asked for a test to see if it is only needed for MIT. So first I
> > wrote the MIT
> > testcase:
> >
> > https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/master
> > -mit-kdc
> >
> > and wrote one for Heimdal now:
> >
> > https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/master
> > -kdc
> >
> > The patch is only needed for MIT Kerberos but I need to find out why
> > MIT
> > doesn't select the strongest key but let the KDB module decide which
> > to use
> > ...
> >
> > The new test is also attached.
> >
> >
> > Review and push appreciated!
>
> Please add your signed-off-by, otherwise:
>
> Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Thanks you very much, but as the changes are bigger and I added helper macros
and needed to disable the AES test for fl2000dc I'm resubmitting them.
Please have a look again.
Thanks!
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s4-torture-Add-torture_check_krb5_error-function.patch
Type: text/x-patch
Size: 10126 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160706/a58a441c/0001-s4-torture-Add-torture_check_krb5_error-function.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-s4-torture-Add-AES-and-RC4-enctype-checks.patch
Type: text/x-patch
Size: 10415 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160706/a58a441c/0002-s4-torture-Add-AES-and-RC4-enctype-checks.bin>
More information about the samba-technical
mailing list