[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heimdal 0.6.1 + 0.5.3

To: heimdal-discuss@sics.se
Subject: Re: Heimdal 0.6.1 + 0.5.3
From: Love <lha@stacken.kth.se>
Date: Fri, 02 Apr 2004 13:29:44 +0200
In-Reply-To: <xofu102lwvo.fsf@blubb.pdc.kth.se> (Johan Danielsson's messageof "Fri, 02 Apr 2004 08:25:15 +0200")
References: <xofzn9vmyjc.fsf@blubb.pdc.kth.se><p05210605bc9228f787b3@[128.149.220.230]><xofu102lwvo.fsf@blubb.pdc.kth.se>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)

joda@pdc.kth.se (Johan Danielsson) writes:

> "Henry B. Hotz" <hotz@jpl.nasa.gov> writes:
>
>> Always nice to see new releases.
>
> We should just try to do them more often.
>
>> arcfour == rc4 == Windows encryption == Luke Howard's rc4 patch?
>
> I suppose it's a major component. Love will have to answer this.

Arcfour was broken in 0.6, you could get initial tickets but nothing really
did work after that, luke's patch fixed that. I also wrote GSSAPI support
for arcfour so SASL would work agaist a w2k AD with ldap.

So, its both libkrb5 and libgssapi fixes. This isn't a secure fix, its a
functionally that I though was needed, samba3 doesn't really work w/o it.

> It's not really related to the krb4 thing, but the end result is
> similar.
>
>> Been meaning to check this:  if you expire the password, expire the
>> principal, or delete the principal does it prevent renewal?  I hope at
>> least one of those does.

The renew tickets fix was only for krb4.

Love

PGP signature

References:
- Re: Heimdal 0.6.1 + 0.5.3
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
- Re: Heimdal 0.6.1 + 0.5.3
  - From: joda@pdc.kth.se (Johan Danielsson)

Prev by Date: Re: Intergrate Heimdal's hdb-ldap and Samba
Next by Date: Re: Intergrate Heimdal's hdb-ldap and Samba
Prev by thread: Re: Heimdal 0.6.1 + 0.5.3
Next by thread: Re: Intergrate Heimdal's hdb-ldap and Samba
Index(es):
- Date
- Thread