oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

kadmin: Use same supported_enctypes default as default_keys in lib/hdb

Browse Source
This commit is contained in:
Nicolas Williams
2025-11-24 17:03:45 -06:00
parent b704f45dce
commit 697d493ca8
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
kadmin/ank.c
View File

@@ -275,7 +275,7 @@ add_new_key(struct add_options *opt, int argc, char **argv)
enctypes = krb5_config_get_string(context, NULL, "libdefaults",
"supported_enctypes", NULL);
if (enctypes == NULL || enctypes[0] == '\0')
enctypes = "aes128-cts-hmac-sha1-96";
enctypes = "aes256-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192";
ret = krb5_string_to_keysalts2(context, enctypes, &nkstuple, &kstuple);
if (ret) {
fprintf(stderr, "enctype(s) unknown\n");
@@ -505,7 +505,7 @@ add_new_namespace(struct add_namespace_options *opt, int argc, char **argv)
enctypes = krb5_config_get_string(context, NULL, "libdefaults",
"supported_enctypes", NULL);
if (enctypes == NULL || enctypes[0] == '\0')
enctypes = "aes128-cts-hmac-sha1-96";
enctypes = "aes256-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192";
ret = krb5_string_to_keysalts2(context, enctypes, &nkstuple, &kstuple);
if (ret) {
fprintf(stderr, "enctype(s) unknown\n");

2
kadmin/ext.c
View File

@@ -199,7 +199,7 @@ ext_keytab(struct ext_keytab_options *opt, int argc, char **argv)
enctypes = krb5_config_get_string(context, NULL, "libdefaults",
"supported_enctypes", NULL);
if (enctypes == NULL || enctypes[0] == '\0')
enctypes = "aes128-cts-hmac-sha1-96";
enctypes = "aes256-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192";
ret = krb5_string_to_keysalts2(context, enctypes, &data.nkstuple,
&data.kstuple);
if (ret) {