From nobody Sat Sep 4 18:27:53 2021 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id BACCE17AA394 for ; Sat, 4 Sep 2021 18:27:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4H237G4rgKz3NpL for ; Sat, 4 Sep 2021 18:27:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 867431C6C5 for ; Sat, 4 Sep 2021 18:27:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 184IRsCU023855 for ; Sat, 4 Sep 2021 18:27:54 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 184IRsJv023854 for bugs@FreeBSD.org; Sat, 4 Sep 2021 18:27:54 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 258236] krb5.conf man page Date: Sat, 04 Sep 2021 18:27:53 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Documentation X-Bugzilla-Component: Manual Pages X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: bjk@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D258236 Benjamin Kaduk changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bjk@FreeBSD.org --- Comment #1 from Benjamin Kaduk --- I think this is not a bug in FreeBSD, but rather an unfortunate consequence= of having two kerberos implementations installed, with MANPATH and PATH search= ing in different orders. The kerberos included in the base system is an older version of heimdal kerberos, which notably does not include support for the RFC 8009 enctypes (i.e., aes128-cts-hmac-sha256-128 and aes256-cts-hmac-sha384-192). The krb5.conf manual you are reading is from that same heimdal kerberos distribution, and rightly does not document those enctypes. Given that you can use the RFC 8009 enctypes (or, at least, see them offere= d), you must have security/krb5 (or security/heimdal) installed. It seems that upstream heimdal has not updated the list of enctypes in their krb5.conf.5,= and a bug report against https://github.com/heimdal/heimdal/issues would be use= ful. MIT krb5 does not list enctypes in the krb5.conf manual directly, referenc= ing a list of encryption types in the kdc.conf manual instead, so you are surely looking at a heimdal-derived krb5.conf manual. --=20 You are receiving this mail because: You are the assignee for the bug.=