[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Auto-detecting broken arcfour-hmac code

To: Jim McDonough <jmcd@us.ibm.com>
Subject: Re: Auto-detecting broken arcfour-hmac code
From: Love <lha@stacken.kth.se>
Date: Tue, 02 Sep 2003 16:08:59 +0200
Cc: heimdal-discuss@sics.se, samba-technical@samba.org
In-Reply-To: <OFA02072A5.3D7D4E1A-ON85256D95.00464B7D-85256D95.004697CD@us.ibm.com> (JimMcDonough's message of "Tue, 2 Sep 2003 06:48:37 -0600")
References: <OFA02072A5.3D7D4E1A-ON85256D95.00464B7D-85256D95.004697CD@us.ibm.com>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (berkeley-unix)

Jim McDonough <jmcd@us.ibm.com> writes:

> Anyone have any ideas about detecting whether the arcfour-hmac code is
> broken, as before last week or so when the fix was put in the snapshot?
> Samba needs to know and not use it if it's broken, but I'd like to use it
> when possible and not just generally disable it.  THere are a lot of 0.4e
> installs out there...

I would guess that everything older then yet-to-be-released 0.7 is broken.

If you can find a enum KEYTYPE_ARCFOUR_56 in krb5.h, heimdal is probably ok.

I've been thinking about adding a version number to krb5.h

Love

PGP signature

Prev by Date: can not find server or client
Next by Date: OpenSSH support for krb4/afs
Prev by thread: Re: can not find server or client
Next by thread: OpenSSH support for krb4/afs
Index(es):
- Date
- Thread