Received: from luminous.mit.edu (LUMINOUS.MIT.EDU [18.101.1.61]) by krbdev.mit.edu (8.9.3p2) with ESMTP id WAA05448; Thu, 29 Apr 2004 22:52:12 -0400 (EDT)
Received: by luminous.mit.edu (Postfix, from userid 1000) id 9938276632; Thu, 29 Apr 2004 22:53:18 -0400 (EDT)
To: rt@krbdev.mit.edu
Cc: 
Subject: Re: [krbdev.mit.edu #2545] AFS string_to_key broken for passwords > 8 chars
References: <rt-2545-10860.18.303454538754@krbdev.mit.edu>
From: Sam Hartman <hartmans@mit.edu>
Date: Thu, 29 Apr 2004 22:53:18 -0400
In-Reply-To: <rt-2545-10860.18.303454538754@krbdev.mit.edu> (The RT System itself via's message of "Thu, 29 Apr 2004 18:29:37 -0400 (EDT)")
Message-Id: <87y8oeyy5d.fsf@luminous.mit.edu>
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
RT-Send-Cc: 
X-RT-Original-Encoding: us-ascii
Content-Length: 208


One work around might be to convince the Heimdal KDC to send the
appropriate etype_info2 s2kparams to indicate that the AFS3 salt
should be used.  If your KDC does this, our code should do the right
thing.