Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.507 (Entity 5.507)
From: ghudson@mit.edu
Subject: git commit
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 691


Omit AS-REP etype-info for replaced reply keys

etype-info in AS-REP is currently only useful when no
pre-authentication took place.  Don't send it if a preauth mech
replaced the reply key, as we can't send something consistently
meaningful (the enctype must match the replaced reply key per RFC
4120, but the salt from the client key data corresponds to the initial
reply key).

https://github.com/krb5/krb5/commit/9dadcd682c1a9c47bbea8182d82faa89ede3daaf
Author: Greg Hudson <ghudson@mit.edu>
Commit: 9dadcd682c1a9c47bbea8182d82faa89ede3daaf
Branch: master
 src/kdc/kdc_preauth.c |   51 ++++++++++++++++++++++++++++++++----------------
 1 files changed, 34 insertions(+), 17 deletions(-)