diff options
| author | Theodore Tso <tytso@mit.edu> | 1996-01-11 04:03:06 +0000 |
|---|---|---|
| committer | Theodore Tso <tytso@mit.edu> | 1996-01-11 04:03:06 +0000 |
| commit | b510380e3424065552eb7af9bf3ca3a28f93a1ca (patch) | |
| tree | 98d2220584ed0f254b06910ebbc6cfbdb11bfc21 /src | |
| parent | 5209698478ec1d6fa8657a6f69bb169a6668a968 (diff) | |
Added checking of profile for DCE compatability options (ccache type,
and checksum type).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7300 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 3 | ||||
| -rw-r--r-- | src/lib/krb5/krb/init_ctx.c | 26 |
2 files changed, 25 insertions, 4 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 76e556f59..507d44795 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,5 +1,8 @@ Wed Jan 10 21:01:36 1996 Theodore Y. Ts'o <tytso@dcl> + * init_ctx.c (krb5_init_context): Added checking of profile for + DCE compatability options (ccache type, and checksum type). + * fwd_tgt.c (krb5_fwd_tgt_creds): Initialize addrs to 0 so that we don't try to free stack garbage on an error. diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 1850cd8bb..14ca0a653 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -53,17 +53,35 @@ krb5_init_context(context) goto cleanup; ctx->default_realm = 0; - profile_get_integer(ctx->profile, "libdefaults", - "clockskew", 0, 5 * 60, - &tmp); + profile_get_integer(ctx->profile, "libdefaults", "clockskew", + 0, 5 * 60, &tmp); ctx->clockskew = tmp; - ctx->kdc_req_sumtype = CKSUMTYPE_RSA_MD5; + + /* DCE 1.1 and below only support CKSUMTYPE_RSA_MD4 (2) */ + /* DCE add checksum_type = 2 to krb5.conf */ + profile_get_integer(ctx->profile, "libdefaults", "checksum_type", 0, + CKSUMTYPE_RSA_MD5, &tmp); + ctx->kdc_req_sumtype = tmp; + ctx->kdc_default_options = KDC_OPT_RENEWABLE_OK; profile_get_integer(ctx->profile, "libdefaults", "kdc_timesync", 0, 0, &tmp); ctx->library_options = tmp ? KRB5_LIBOPT_SYNC_KDCTIME : 0; + /* + * We use a default file credentials cache of 3. See + * lib/krb5/krb/ccache/file/fcc.h for a description of the + * credentials cache types. + * + * Note: DCE 1.0.3a only supports a cache type of 1 + * DCE 1.1 supports a cache type of 2. + */ + profile_get_integer(ctx->profile, "libdefaults", "ccache_type", + 0, 3, &tmp); + ctx->fcc_default_format = tmp + 0x0500; + ctx->scc_default_format = tmp + 0x0500; + *context = ctx; return 0; |