Revert "Use aes-256-gcm rather than aes-128-cbc"
This reverts commit
e9c92795d87a316ea47f6bf37c9636e86eec57e7.
AESGCM is a neat idea but it is not really appropriate to be used in
mod_auth_gssapi because we cannot gurantee that the nonce will never be
reused. It is not very probable, and it is also not easy to force the
server to generate so many encyrpted sessions to have a good chance of
a collision that I know of, but better to avoid the whole issue, than
risk unforseen cases where it may happen.
projects / mod_auth_gssapi.git / commit