Received: from saint-elmos-fire.mit.edu (tlyu@SAINT-ELMOS-FIRE.MIT.EDU [18.18.0.248]) by krbdev.mit.edu (8.9.3) with ESMTP id PAA24671; Tue, 10 Sep 2002 15:18:02 -0400 (EDT) Received: (from tlyu@localhost) by saint-elmos-fire.mit.edu (8.9.3) id PAA16578; Tue, 10 Sep 2002 15:17:52 -0400 (EDT) To: Wolfgang.Friebel@cern.ch Cc: rt-comment@krbdev.mit.edu Subject: Re: [krbdev.mit.edu #1146] string2key gets wrong salt with Heimdal KDC and converted AFS accounts References: <20020809153143.E18541817@pcitdis18.cern.ch> From: Tom Yu Date: Tue, 10 Sep 2002 15:17:52 -0400 In-Reply-To: <20020809153143.E18541817@pcitdis18.cern.ch> (Wolfgang.Friebel@cern.ch's message of "Fri, 9 Aug 2002 17:31:43 +0200 (CEST)") Message-Id: Lines: 19 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii RT-Send-Cc: X-RT-Original-Encoding: us-ascii Content-Length: 788 >>>>> "WF" == Wolfgang Friebel writes: >> Number: 1146 >> Category: krb5-clients >> Synopsis: string2key gets wrong salt with Heimdal KDC and converted AFS accounts >> Description: WF> A Kerberos4 database was converted with Heimdal tools to K5 and is WF> running with a Heimdal KDC Authentication with Heimdal Clients is WF> ok, authentication with MIT clients does not work for the AFS WF> salted entries. New entries and entries that got new enctypes WF> trough a password change do work. Debugging showed that in WF> string2key the salt->data string had a '@' character appended. By WF> removing the trailing character the MIT client works as well. Thanks for the report and the patch; it will appear in an upcoming release. ---Tom