sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-20 22:50:26 +03:00
Code

Revert "make paranoia check less paranoid" - check that key types strictly match

Browse Source 
This reverts commit c25af51232616061bb08eea86aae595b4f029490 because
otherwise we could attempt to check a CKSUMTYPE_HMAC_SHA1_96_AES_256 key with a
KRB5_ENCTYPE_ARCFOUR_HMAC_MD5 key.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Jan 12 09:43:07 CET 2012 on sn-devel-104
This commit is contained in:
Andrew Bartlett 2011-12-15 12:29:01 +11:00
parent 3628f34aa3
commit bd164acb82
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
source4/heimdal/lib/krb5/crypto.c
View File

@ -454,7 +454,7 @@ verify_checksum(krb5_context context,
return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */
}
kct = crypto->et->keyed_checksum;
if (kct != NULL && kct->type != ct->type) {
if (kct == NULL || kct->type != ct->type) {
krb5_set_error_message(context, KRB5_PROG_SUMTYPE_NOSUPP,
N_("Checksum type %s is keyed, but "
"the key type %s passed didnt have that checksum "