git.openafs.org Git - openafs.git/commit

author	Russ Allbery <rra@stanford.edu>
	Thu, 21 Jan 2010 23:41:49 +0000 (15:41 -0800)
committer	Derrick Brashear <shadow\|account-1000005@unknown>
	Fri, 22 Jan 2010 13:30:55 +0000 (05:30 -0800)
commit	cb4b62a40352ccebae3a299f4327fa70fc7a0c5c
tree	533340a842cd177c86132457a14ce5131a429643	tree \| snapshot
parent	ddc64898e7b3a26e6514be63ef01672fe67cb851	commit \| diff

Enable weak enctypes for aklog if supported by Kerberos

Current versions of both MIT Kerberos and Heimdal disable DES enctypes
by default, but DES enctypes are still required for AFS service tickets.
Probe for either krb5_allow_weak_crypto() (MIT Kerberos 1.8) or
krb5_enctype_enable() (Heimdal) and, if found, call them to enable DES
enctypes. If neither is found, assume that the Kerberos libraries are
old enough that DES is enabled by default.

Change-Id: Ib5231bb7c2fe88f4c424628394ed08122d5710a1
Reviewed-on: http://gerrit.openafs.org/1141
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>

src/aklog/aklog.c		diff \| blob \| history
src/cf/kerberos.m4		diff \| blob \| history