From assar@pdc.kth.se Mon Mar 26 00:56:27 2001 Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53]) by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id AAA01487 for ; Mon, 26 Mar 2001 00:56:26 -0500 (EST) Received: from ratatosk.pdc.kth.se (ratatosk.pdc.kth.se [193.10.159.41]) by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id AAA17304; Mon, 26 Mar 2001 00:56:25 -0500 (EST) Received: (from assar@localhost) by ratatosk.pdc.kth.se (8.11.1/8.11.1) id f2Q5u9c314731; Mon, 26 Mar 2001 07:56:09 +0200 (CEST) Message-Id: <200103260556.f2Q5u9c314731@ratatosk.pdc.kth.se> Date: Mon, 26 Mar 2001 07:56:09 +0200 (CEST) From: assar@sics.se To: krb5-bugs@mit.edu Cc: hartmans@mit.edu Subject: krb524 only handles des-cbc-crc tickets X-Send-Pr-Version: 3.99 >Number: 933 >Category: krb5-kdc >Synopsis: krb524 only handles des-cbc-crc tickets >Confidential: no >Severity: serious >Priority: high >Responsible: krb5-unassigned >State: open >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Mon Mar 26 00:57:01 EST 2001 >Last-Modified: >Originator: Assar Westerlund >Organization: heimdal hackers >Release: krb5-1.2.2 >Environment: any >Description: krb524 can only convert des-cbc-crc tickets and no other des enctyped ones >How-To-Repeat: Get some other kind of ticket and try to do 524 >Fix: --- cnv_tkt_skey.c~ Wed Feb 28 23:07:28 2001 +++ cnv_tkt_skey.c Tue Mar 6 22:40:25 2001 @@ -84,7 +84,9 @@ return ret; } - if (v5etkt->session->enctype != ENCTYPE_DES_CBC_CRC || + if ((v5etkt->session->enctype != ENCTYPE_DES_CBC_CRC && + v5etkt->session->enctype != ENCTYPE_DES_CBC_MD4 && + v5etkt->session->enctype != ENCTYPE_DES_CBC_MD5) || v5etkt->session->length != sizeof(C_Block)) { if (krb524_debug) fprintf(stderr, "v5 session keyblock type %d length %d != C_Block size %d\n", >Audit-Trail: >Unformatted: