kdc: Add krb5_is_enctype_old() to determine whether an enctype is older

AES256 and AES128 are newer enctypes because they are officially specified in RFC4120 and RFC8009, while enctypes not officially specified since RFC4120 are considered older. This function differs from older_enctype() in that it does not report unknown or non-existent enctypes as being 'newer'. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2021-10-08 15:59:42 +13:00
parent 87348cf27a
commit 91e86460cd
9 changed files with 44 additions and 43 deletions
--- a/lib/krb5/crypto-arcfour.c
+++ b/lib/krb5/crypto-arcfour.c
@@ -360,7 +360,7 @@ struct _krb5_encryption_type _krb5_enctype_arcfour_hmac_md5 = {
    &keytype_arcfour,
    &_krb5_checksum_hmac_md5,
    &_krb5_checksum_hmac_md5,
-    F_SPECIAL | F_WEAK,
+    F_SPECIAL | F_WEAK | F_OLD,
    ARCFOUR_encrypt,
    NULL,
    0,