diff options
Diffstat (limited to 'source4/heimdal')
| -rw-r--r-- | source4/heimdal/kdc/kerberos5.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index ccfa35b638..565c7478f9 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -1099,6 +1099,12 @@ _kdc_as_rep(krb5_context context, pa->padata_value.data = NULL; #endif + /* RFC4120 requires: + - If the client only knows about old enctypes, then send both info replies + (we send 'info' first in the list). + - If the client is 'modern', because it knows about 'new' enc types, then + only send the 'info2' reply. + */ /* XXX check ret */ if (only_older_enctype_p(req)) ret = get_pa_etype_info(context, config, &method_data, &client->entry, |