[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Poor error handling on expired cerficates

In Samba's snapshot of Heimdal, we have been having some trouble with
expired certificates and PKINIT.

The error we were getting was 'salt type 3 not valid' (caused because a
PKINIT error reply doesn't send normal encryption types), rather than a
sensible error.  

This should be easily reproduced by grabbing Samba4 alpha2, or I can
post the certificates we were using.  

Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

This is a digitally signed message part