diff options
author | Alexander Bokovoy <abokovoy@redhat.com> | 2013-09-10 11:56:40 +0300 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-09-20 09:59:02 +0200 |
commit | a9843d6918f73c2236d0083b1e8adf54ca34eb0d (patch) | |
tree | 472a5f71c56a27e0c47d6e16d5c254acb5933e6e /ipatests/test_ipaserver | |
parent | 860a3ff6477db1004773742e019603032239991e (diff) | |
download | freeipa-a9843d6918f73c2236d0083b1e8adf54ca34eb0d.tar.gz freeipa-a9843d6918f73c2236d0083b1e8adf54ca34eb0d.tar.xz freeipa-a9843d6918f73c2236d0083b1e8adf54ca34eb0d.zip |
ipa-sam: report supported enctypes based on Kerberos realm configuration
We store Kerberos realm configuration in cn=REALM,cn=kerberos,$SUFFIX.
Along other configuration options, this container has list of default
supported encryption types, in krbDefaultEncSaltTypes.
Fetch krbDefaultEncSaltTypes value on ipa-sam initialization and convert
discovered list to the mask of supported encryption types according to
security.idl from Samba:
typedef [public,bitmap32bit] bitmap {
KERB_ENCTYPE_DES_CBC_CRC = 0x00000001,
KERB_ENCTYPE_DES_CBC_MD5 = 0x00000002,
KERB_ENCTYPE_RC4_HMAC_MD5 = 0x00000004,
KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008,
KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010
} kerb_EncTypes;
Part of https://fedorahosted.org/freeipa/ticket/3898
Diffstat (limited to 'ipatests/test_ipaserver')
0 files changed, 0 insertions, 0 deletions