diff options
author | Greg Hudson <ghudson@mit.edu> | 2022-12-14 13:20:46 -0500 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2023-01-23 18:41:09 -0500 |
commit | 2cbd847e0e92bc4e219b65c770ae33f851b22afc (patch) | |
tree | 6e87d90dbd0cd9d50d2499223ef88ff29c5bb22e /src/tests/t_keyrollover.py | |
parent | fc922496edbc73cd47b812c92c61b2544d317198 (diff) | |
download | krb5-2cbd847e0e92bc4e219b65c770ae33f851b22afc.zip krb5-2cbd847e0e92bc4e219b65c770ae33f851b22afc.tar.gz krb5-2cbd847e0e92bc4e219b65c770ae33f851b22afc.tar.bz2 |
In KDC, assume all services support aes256-sha1
To facilitate negotiating session keys with acceptable security,
assume that services support aes256-cts-hmac-sha1 unless a
session_enctypes string attribute says otherwise.
ticket: 9075
Diffstat (limited to 'src/tests/t_keyrollover.py')
-rwxr-xr-x | src/tests/t_keyrollover.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py index 2c825a6..e9840df 100755 --- a/src/tests/t_keyrollover.py +++ b/src/tests/t_keyrollover.py @@ -22,9 +22,9 @@ realm.run([kvno, princ1]) realm.run([kadminl, 'purgekeys', realm.krbtgt_princ]) # Make sure an old TGT fails after purging old TGS key. realm.run([kvno, princ2], expected_code=1) -et = "aes128-cts-hmac-sha256-128" -msg = 'krbtgt/%s@%s\n\tEtype (skey, tkt): %s, %s' % \ - (realm.realm, realm.realm, et, et) +msg = 'krbtgt/%s@%s\n\tEtype (skey, tkt): ' \ + 'aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha256-128' % \ + (realm.realm, realm.realm) realm.run([klist, '-e'], expected_msg=msg) # Check that new key actually works. |