Greg Hudson wrote: > I've checked in the following fix, which is to treat > krb5_c_enctype_compare errors as non-fatal. If the ktype argument is > invalid, no kvno will match and the function will eventually return > KRB5_KDB_NO_MATCHING_KEY, which I think is fine; if the key entry > enctype is invalid, then we'll move on to the next key entry as we used > to do (more by accident than by design, but it's reasonable behavior). > Thank you for looking into this, and for the quick response. I applied the kdb_default.c patch to our 1.8.3 build, and verified that it works as expected.
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
