Date: Sun, 24 Dec 2023 16:53:43 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 275915] kadmin(d): adding principal crashes in ARCFOUR_string_to_key Message-ID: <bug-275915-227-z9X9reagv4@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-275915-227@https.bugs.freebsd.org/bugzilla/> References: <bug-275915-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275915 --- Comment #1 from Lexi <lexi.freebsd@le-fay.org> --- this seems to be caused by having arcfour-hmac-md5 in the kadmin default_ke= ys list, which is present by default, along with OpenSSL's MD4 not working for some reason: # openssl md4 Error setting digest 00206156FE410000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:/data/src/releng/14.0/crypto/o= penssl/crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (MD4 : 72), Properties () 00206156FE410000:error:03000086:digital envelope routines:evp_md_init_internal:initialization error:/data/src/releng/14.0/crypto/openssl/crypto/evp/digest.c:254: i fixed the problem by setting 'default_keys =3D aes256-cts-hmac-sha1-96:pw= -salt' in krb5.conf, but this should probably report a useful error instead of crashing. is a patch to fix the error reporting useful, or does this need to go to heimdal upstream first? --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-275915-227-z9X9reagv4>