directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pierre-Arnaud Marcelot (Updated) (JIRA)" <>
Subject [jira] [Updated] (DIRKRB-84) EncryptionTypes are not correctly handled in the server
Date Fri, 27 Jan 2012 14:52:10 GMT


Pierre-Arnaud Marcelot updated DIRKRB-84:

    Fix Version/s: 2.0.0-M5
         Assignee: Emmanuel Lecharny
> EncryptionTypes are not correctly handled in the server
> -------------------------------------------------------
>                 Key: DIRKRB-84
>                 URL:
>             Project: Directory Kerberos
>          Issue Type: Bug
>            Reporter: Emmanuel Lecharny
>            Assignee: Emmanuel Lecharny
>            Priority: Blocker
>             Fix For: 2.0.0-M5
> Currently, EncryptionType are stored in a Set, and we compare the expected ETypes passed
by the client with the configured ETypes we support in the server. They are both stored in
a Set, which is not ordered.
> The problem is that there is nothing like a EType negotiation between the client and
the server, so the encrypted data will be encrypted using the strongest Etype found in the
list of Etypes, where the leftmost EType is the strongest, and the rightmost is the weaker.
> Using a set is then a guarantee that we will face issues at some point. We must use a
List instead.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message