krb5: implement draft-ietf-kitten-aes-cts-hmac-sha2-07

2015-11-27 18:55:30 +11:00
parent a3bece16c7
commit 7b720cf61c
32 changed files with 1662 additions and 382 deletions
--- a/lib/gssapi/krb5/init_sec_context.c
+++ b/lib/gssapi/krb5/init_sec_context.c
@@ -423,16 +423,10 @@ init_auth
    /*
     * This is hideous glue for (NFS) clients that wants to limit the
     * available enctypes to what it can support (encryption in
-     * kernel). If there is no enctypes selected for this credential,
-     * reset it to the default set of enctypes.
+     * kernel).
     */
-    {
-	krb5_enctype *enctypes = NULL;
-
-	if (cred && cred->enctypes)
-	    enctypes = cred->enctypes;
-	krb5_set_default_in_tkt_etypes(context, enctypes);
-    }
+    if (cred && cred->enctypes)
+	krb5_set_default_in_tkt_etypes(context, cred->enctypes);

    ret = gsskrb5_get_creds(minor_status, context, ctx->ccache,
 			    ctx, name, time_req, time_rec);