[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heimdal 0.6.1 + 0.5.3

joda@pdc.kth.se (Johan Danielsson) writes:

> "Henry B. Hotz" <hotz@jpl.nasa.gov> writes:
>> Always nice to see new releases.
> We should just try to do them more often.
>> arcfour == rc4 == Windows encryption == Luke Howard's rc4 patch?
> I suppose it's a major component. Love will have to answer this.

Arcfour was broken in 0.6, you could get initial tickets but nothing really
did work after that, luke's patch fixed that. I also wrote GSSAPI support
for arcfour so SASL would work agaist a w2k AD with ldap.

So, its both libkrb5 and libgssapi fixes. This isn't a secure fix, its a
functionally that I though was needed, samba3 doesn't really work w/o it.

> It's not really related to the krb4 thing, but the end result is
> similar.
>> Been meaning to check this:  if you expire the password, expire the
>> principal, or delete the principal does it prevent renewal?  I hope at
>> least one of those does.

The renew tickets fix was only for krb4.


PGP signature