Ticket History #9160: Allow only one salt type per enctype in key data

RT for krbdev.mit.edu

History Show all quoted text — Show full headers

# Thu Feb 06 18:02:26 2025 ghudson@mit.edu (Greg Hudson) - Ticket created

From:	ghudson@mit.edu
Subject:	git commit

Download (untitled) / with headers
text/plain 624B

Allow only one salt type per enctype in key data

In the default libkdb5 password change method, omit requested key/salt
combinations that duplicate an earlier encryption type, even if they
have a different salt type. Any use cases for multiple salts for the
same enctype disappeared with single-DES support. (We already have
this behavior for chrand requests.)

https://github.com/krb5/krb5/commit/367ccd2fcf8b4adb82bfc7ef9b5f04ff94f80326
Author: Greg Hudson <ghudson@mit.edu>
Commit: 367ccd2fcf8b4adb82bfc7ef9b5f04ff94f80326
Branch: master
src/lib/kdb/kdb_cpw.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

# Thu Feb 06 18:02:26 2025 ghudson@mit.edu (Greg Hudson) - Status changed from 'new' to 'resolved'

# Thu Feb 06 18:02:26 2025 ghudson@mit.edu (Greg Hudson) - Requestor ghudson@mit.edu (Greg Hudson) added

# Mon May 05 18:09:48 2025 ghudson@mit.edu (Greg Hudson) - Version_Fixed 1.22 added