You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Emmanuel Lecharny (Resolved) (JIRA)" <ji...@apache.org> on 2012/01/27 01:45:41 UTC

[jira] [Resolved] (DIRKRB-84) EncryptionTypes are not correctly handled in the server

     [ https://issues.apache.org/jira/browse/DIRKRB-84?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Emmanuel Lecharny resolved DIRKRB-84.
-------------------------------------

    Resolution: Fixed

Fixed with http://svn.apache.org/viewvc?rev=1236474&view=rev
                
> EncryptionTypes are not correctly handled in the server
> -------------------------------------------------------
>
>                 Key: DIRKRB-84
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-84
>             Project: Directory Kerberos
>          Issue Type: Bug
>            Reporter: Emmanuel Lecharny
>            Priority: Blocker
>
> Currently, EncryptionType are stored in a Set, and we compare the expected ETypes passed by the client with the configured ETypes we support in the server. They are both stored in a Set, which is not ordered.
> The problem is that there is nothing like a EType negotiation between the client and the server, so the encrypted data will be encrypted using the strongest Etype found in the list of Etypes, where the leftmost EType is the strongest, and the rightmost is the weaker.
> Using a set is then a guarantee that we will face issues at some point. We must use a List instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira