Andrew Bartlett 975e43fc45 CVE-2022-37966 kdc: Implement new Kerberos session key behaviour since ENC_HMAC_SHA1_96_AES256_SK was added ...

ENC_HMAC_SHA1_96_AES256_SK is a flag introduced for by Microsoft in this
CVE to indicate that additionally, AES session keys are available. We
set the etypes available for session keys depending on the encryption
types that are supported by the principal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15219

Pair-Programmed-With: Joseph Sutton <josephsutton@catalyst.net.nz>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

2022-12-13 13:07:30 +00:00

..

aesni-intel

lib:crypto: Build intel aes-ni only if GnuTLS doesn't provide AES CMAC

2019-12-10 20:30:57 +00:00

cmocka

third_party:cmocka: Fix build when used in lib/tevent

2021-07-07 05:07:30 +00:00

gpfs

third_party: Update gpfs.h to 5.0.5.3 version

2020-10-05 20:06:04 +00:00

heimdal

CVE-2022-37966 kdc: Implement new Kerberos session key behaviour since ENC_HMAC_SHA1_96_AES256_SK was added

2022-12-13 13:07:30 +00:00

heimdal_build

krb5: Detect support for krb5_const_pac type

2022-11-08 02:39:37 +00:00

nss_wrapper

third_party: Update nss_wrapper to version 1.1.13

2022-11-09 23:15:07 +00:00

pam_wrapper

third_party: Update pam_wrapper to version 1.1.4

2021-10-28 19:03:04 +00:00

popt

third_party/popt/wscript: update to handle waf 2.0.4

2018-09-05 06:37:24 +02:00

resolv_wrapper

waf: Fix resolv_wrapper with glibc 2.34

2021-11-05 11:44:30 +00:00

socket_wrapper

third_party: Update socket_wrapper to version 1.3.5

2022-11-24 11:01:37 +00:00

uid_wrapper

third_party: Link uid_wrapper against pthread

2019-09-25 15:39:40 +00:00

waf

third_party: Reformat shell scripts

2022-08-10 14:14:04 +00:00

update.sh

third_party: Reformat shell scripts

2022-08-10 14:14:04 +00:00

wscript

third_party:waf: Do not recurse in aesni-intel if GnuTLS provides the cipher

2022-04-04 19:31:28 +00:00