Sequence number without mutual auth

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Sequence number without mutual auth

Weijun Wang
Without mutual auth, the acceptor has no chance to send an initial sequence number to the initiator, so they must agree on a default one.

In my experiment, it looks like MIT krb5 and Windows are reusing the initiator's initial sequence number and Heimdal is using 0.

Am I right? If so, is there a way to write an app that works for all of them? Or the acceptor simply should not send anything when there is no mutual auth?


krbdev mailing list             [hidden email]