Commit
d008089a79 didn't replace the processing of the aencrypt
flag passed to the GetConn() function, causing all bos connections
to be un-encrypted. This causes "addkey" to fail with an error
from the server, and "listkeys" to silently ignore the -showkey
option to display keys.
Set the AFSCONF_SECOPTS_ALWAYSENCRYPT flag, and don't set
AFSCONF_SECOPTS_FALLBACK_NULL since fallback is not acceptable if
the caller requested enrcyption.
Change-Id: I6a15fa20c172ab2ddfc6494fbcd62ec6bc7fc442
Reviewed-on: http://gerrit.openafs.org/10043
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
}
memcpy(&addr, th->h_addr, sizeof(afs_int32));
- secFlags = AFSCONF_SECOPTS_FALLBACK_NULL;
+ if (aencrypt)
+ secFlags = AFSCONF_SECOPTS_ALWAYSENCRYPT;
+ else
+ secFlags = AFSCONF_SECOPTS_FALLBACK_NULL;
+
if (as->parms[ADDPARMOFFSET + 2].items) { /* -localauth */
secFlags |= AFSCONF_SECOPTS_LOCALAUTH;