From: | tlyu@mit.edu |
Subject: | SVN Commit |
With allow_weak_crypto=false, set_default_enctype_var() (helper
function for krb5_set_default_tgs_enctypes(), etc.) was rejecting any
application-provided enctype list that contained any weak enctype even
when valid strong enctypes were present. This broke some Samba
things. Filter the weak enctypes instead. Add test cases.
Reported to Debian by Holger Isenberg. (Debian bug #566977)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977
Thanks to Simo Sorce for testing.
https://github.com/krb5/krb5/commit/15734117beac425fe4e7b5a513af497115eff687
Commit By: tlyu
Revision: 23681
Changed Files:
U trunk/src/lib/krb5/krb/init_ctx.c
U trunk/src/lib/krb5/krb/t_etypes.c