diff options
| author | Theodore Tso <tytso@mit.edu> | 1995-09-07 21:56:02 +0000 |
|---|---|---|
| committer | Theodore Tso <tytso@mit.edu> | 1995-09-07 21:56:02 +0000 |
| commit | 4e445f5c1dadc29b5aa1da8d4afd93a5db5ae72f (patch) | |
| tree | 23aec6af307285645952a5e17b2ca60b413cdeb6 /src/kadmin/v5server | |
| parent | 76b15333844125269f0875fb5cfde804f8768fe8 (diff) | |
| download | krb5-4e445f5c1dadc29b5aa1da8d4afd93a5db5ae72f.tar.gz krb5-4e445f5c1dadc29b5aa1da8d4afd93a5db5ae72f.tar.xz krb5-4e445f5c1dadc29b5aa1da8d4afd93a5db5ae72f.zip | |
Globally change use of ENCTYPE_DES_CBC_MD5 to DEFAULT_KDC_ENCTYPE, so
that we use the same encryption type by default for all KDC server
programs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6737 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/v5server')
| -rw-r--r-- | src/kadmin/v5server/srv_key.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/src/kadmin/v5server/srv_key.c b/src/kadmin/v5server/srv_key.c index e5faa2ded..4caa272fb 100644 --- a/src/kadmin/v5server/srv_key.c +++ b/src/kadmin/v5server/srv_key.c @@ -98,7 +98,7 @@ static int key_num_ktents = 0; static krb5_key_salt_tuple *key_ktents = (krb5_key_salt_tuple *) NULL; static int key_ktents_inited = 0; static krb5_key_salt_tuple default_ktent = { - ENCTYPE_DES_CBC_MD5, KRB5_KDB_SALTTYPE_NORMAL + DEFAULT_KDC_ENCTYPE, KRB5_KDB_SALTTYPE_NORMAL }; static char *key_db_name = (char *) NULL; @@ -132,10 +132,10 @@ key_get_admin_entry(kcontext) */ admin_princ_name = (char *) malloc((size_t) ((2*strlen(realm_name)) + 3 + - strlen(KRB5_ADM_SERVICE_NAME))); + strlen(KRB5_ADM_SERVICE_INSTANCE))); if (admin_princ_name) { /* Format the admin name */ - sprintf(admin_princ_name, "%s/%s@%s", KRB5_ADM_SERVICE_NAME, + sprintf(admin_princ_name, "%s/%s@%s", KRB5_ADM_SERVICE_INSTANCE, realm_name, realm_name); DPRINT(DEBUG_REALM, key_debug_level, ("- setting up admin principal %s\n", admin_princ_name)); @@ -318,14 +318,14 @@ key_get_admin_entry(kcontext) xxx.key_data = madmin_keys; if (krb5_dbe_find_enctype(kcontext, &xxx, - ENCTYPE_DES_CBC_MD5, + DEFAULT_KDC_ENCTYPE, -1, -1, &kdata)) kdata = &madmin_keys[0]; memset(&madmin_key, 0, sizeof(krb5_keyblock)); - madmin_key.enctype = ENCTYPE_DES_CBC_MD5; + madmin_key.enctype = DEFAULT_KDC_ENCTYPE; madmin_key.length = kdata->key_data_length[0]; madmin_key.contents = kdata->key_data_contents[0]; } @@ -372,7 +372,7 @@ key_init(kcontext, debug_level, key_type, master_key_name, manual, /* * Figure out arguments. */ - master_keyblock.enctype=((key_type == -1) ? ENCTYPE_DES_CBC_MD5 : key_type); + master_keyblock.enctype=((key_type == -1) ? DEFAULT_KDC_ENCTYPE : key_type); mkey_name = ((!master_key_name) ? KRB5_KDB_M_NAME : master_key_name); /* @@ -1110,7 +1110,9 @@ key_pwd_is_weak(kcontext, dbentp, string) &key_list); if (!kret) { for (i=0; i<num_keys; i++) { - if ((key_list[i].key_data_type[0] == ENCTYPE_DES_CBC_MD5) && + if (((key_list[i].key_data_type[0] == ENCTYPE_DES_CBC_MD5) || + (key_list[i].key_data_type[0] == ENCTYPE_DES_CBC_MD4) || + (key_list[i].key_data_type[0] == ENCTYPE_DES_CBC_CRC)) && (key_list[i].key_data_length[0] == KRB5_MIT_DES_KEYSIZE) && mit_des_is_weak_key(key_list[i].key_data_contents[0])) { weakness = 1; |