diff options
| author | Ken Raeburn <raeburn@mit.edu> | 1999-09-01 21:55:49 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 1999-09-01 21:55:49 +0000 |
| commit | b8c79298858dcc1b71e7548f6a1d8f6cf22597b9 (patch) | |
| tree | b4074f7667ce9bb5a22507901418252f6cef9caa /src/lib/krb5/krb/init_ctx.c | |
| parent | ef44e67d78dab13dd741d808a3617f1def40f481 (diff) | |
| download | krb5-b8c79298858dcc1b71e7548f6a1d8f6cf22597b9.zip krb5-b8c79298858dcc1b71e7548f6a1d8f6cf22597b9.tar.gz krb5-b8c79298858dcc1b71e7548f6a1d8f6cf22597b9.tar.bz2 | |
from 1.1 branch:
* init_ctx.c (get_profile_etype_list): Update name of the des3 entry in the
default etype list.
* init_ctx.c (get_profile_etype_list): New argument DESONLY; if set, ignore any
ktype values other than NULL, DES_CBC_CRC, and DES_CBC_MD5.
(krb5_get_default_in_tkt_ktypes, krb5_get_tgs_ktypes): Set it.
(krb5_get_permitted_enctypes): Don't set it.
* fwd_tgt.c (krb5_fwd_tgt_creds): Use KRB5_TC_SUPPORTED_KTYPES when calling
krb5_cc_retrieve_cred.
* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Ditto.
* get_creds.c (krb5_get_credentials_core): Set that flag.
(krb5_get_credentials): Check for KRB5_CC_NOT_KTYPE error return.
* t_ser.c (main): Disable eblock serialization test, since the code it tests
was disabled nearly a year ago.
* str_conv.c (krb5_timestamp_to_sfstring): Don't pass extra argument to
sprintf.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11779 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb/init_ctx.c')
| -rw-r--r-- | src/lib/krb5/krb/init_ctx.c | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 2ddd2d0..8137843 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -250,12 +250,13 @@ krb5_set_default_in_tkt_ktypes(context, ktypes) } static krb5_error_code -get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) +get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list, desonly) krb5_context context; krb5_enctype **ktypes; char *profstr; int ctx_count; krb5_enctype FAR *ctx_list; + int desonly; { krb5_enctype *old_ktypes; @@ -283,7 +284,7 @@ get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) code = profile_get_string(context->profile, "libdefaults", profstr, NULL, - "des3-hmac-sha1 des-cbc-md5 des-cbc-crc", + "des3-cbc-sha1 des-cbc-md5 des-cbc-crc", &retval); if (code) return code; @@ -313,8 +314,21 @@ get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) j = 0; i = 1; while (1) { - if (! krb5_string_to_enctype(sp, &old_ktypes[j])) + if (! krb5_string_to_enctype(sp, &old_ktypes[j])) { + switch (old_ktypes[j]) { + default: + if (desonly) + /* Other types not supported yet. */ + break; + /* else fall through */ + + case ENCTYPE_NULL: + case ENCTYPE_DES_CBC_CRC: + case ENCTYPE_DES_CBC_MD5: j++; + break; + } + } if (i++ >= count) break; @@ -339,7 +353,7 @@ krb5_get_default_in_tkt_ktypes(context, ktypes) { return(get_profile_etype_list(context, ktypes, "default_tkt_enctypes", context->in_tkt_ktype_count, - context->in_tkt_ktypes)); + context->in_tkt_ktypes, 1)); } krb5_error_code @@ -382,7 +396,7 @@ krb5_get_tgs_ktypes(context, princ, ktypes) { return(get_profile_etype_list(context, ktypes, "default_tgs_enctypes", context->tgs_ktype_count, - context->tgs_ktypes)); + context->tgs_ktypes, 1)); } krb5_error_code @@ -392,7 +406,7 @@ krb5_get_permitted_enctypes(context, ktypes) { return(get_profile_etype_list(context, ktypes, "permitted_enctypes", context->tgs_ktype_count, - context->tgs_ktypes)); + context->tgs_ktypes, 0)); } krb5_boolean |