Andrew Bartlett 975e43fc45 CVE-2022-37966 kdc: Implement new Kerberos session key behaviour since ENC_HMAC_SHA1_96_AES256_SK was added ... ENC_HMAC_SHA1_96_AES256_SK is a flag introduced for by Microsoft in this CVE to indicate that additionally, AES session keys are available. We set the etypes available for session keys depending on the encryption types that are supported by the principal. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15219 Pair-Programmed-With: Joseph Sutton <josephsutton@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>		2022-12-13 13:07:30 +00:00
..
aesni-intel	lib:crypto: Build intel aes-ni only if GnuTLS doesn't provide AES CMAC	2019-12-10 20:30:57 +00:00
cmocka	third_party:cmocka: Fix build when used in lib/tevent	2021-07-07 05:07:30 +00:00
gpfs	third_party: Update gpfs.h to 5.0.5.3 version	2020-10-05 20:06:04 +00:00
heimdal	CVE-2022-37966 kdc: Implement new Kerberos session key behaviour since ENC_HMAC_SHA1_96_AES256_SK was added	2022-12-13 13:07:30 +00:00
heimdal_build	krb5: Detect support for krb5_const_pac type	2022-11-08 02:39:37 +00:00
nss_wrapper	third_party: Update nss_wrapper to version 1.1.13	2022-11-09 23:15:07 +00:00
pam_wrapper	third_party: Update pam_wrapper to version 1.1.4	2021-10-28 19:03:04 +00:00
popt	third_party/popt/wscript: update to handle waf 2.0.4	2018-09-05 06:37:24 +02:00
resolv_wrapper	waf: Fix resolv_wrapper with glibc 2.34	2021-11-05 11:44:30 +00:00
socket_wrapper	third_party: Update socket_wrapper to version 1.3.5	2022-11-24 11:01:37 +00:00
uid_wrapper	third_party: Link uid_wrapper against pthread	2019-09-25 15:39:40 +00:00
waf	third_party: Reformat shell scripts	2022-08-10 14:14:04 +00:00
update.sh	third_party: Reformat shell scripts	2022-08-10 14:14:04 +00:00
wscript	third_party:waf: Do not recurse in aesni-intel if GnuTLS provides the cipher	2022-04-04 19:31:28 +00:00