(krb5_kerberos_enctypes): new function, returns the list of Kerberos

encryption types sorted in order of most preferred to least preferred encryption type. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17908 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-08-24 08:43:15 +00:00
parent 3ffb120454
commit c84978ea6d
1 changed files with 24 additions and 6 deletions
--- a/lib/krb5/context.c
+++ b/lib/krb5/context.c
@@ -422,13 +422,17 @@ krb5_free_config_files(char **filenames)
 }

 /*
- * set `etype' to a malloced list of the default enctypes
+ * Returns the list of Kerberos encryption types sorted in order of
+ * most preferred to least preferred encryption type.  The array ends
+ * with ETYPE_NULL.  Note that some encryption types might be
+ * disabled, so you need to check with krb5_enctype_valid() before
+ * using the encryption type.
 */

-static krb5_error_code
-default_etypes(krb5_context context, krb5_enctype **etype)
+const krb5_enctype * KRB5_LIB_FUNCTION
+krb5_kerberos_enctypes(krb5_context context)
 {
-    krb5_enctype p[] = {
+    static const krb5_enctype p[] = {
 	ETYPE_AES256_CTS_HMAC_SHA1_96,
 	ETYPE_AES128_CTS_HMAC_SHA1_96,
 	ETYPE_DES3_CBC_SHA1,
@@ -436,12 +440,26 @@ default_etypes(krb5_context context, krb5_enctype **etype)
 	ETYPE_ARCFOUR_HMAC_MD5,
 	ETYPE_DES_CBC_MD5,
 	ETYPE_DES_CBC_MD4,
-	ETYPE_DES_CBC_CRC
+	ETYPE_DES_CBC_CRC,
+	ETYPE_NULL
    };
+    return p;
+}
+
+/*
+ * set `etype' to a malloced list of the default enctypes
+ */
+
+static krb5_error_code
+default_etypes(krb5_context context, krb5_enctype **etype)
+{
+    const krb5_enctype *p;
    krb5_enctype *e = NULL, *ep;
    int i, n = 0;

-    for (i = 0; i < sizeof(p)/sizeof(p[0]); i++) {
+    p = krb5_kerberos_enctypes(context);
+
+    for (i = 0; p[i] != ETYPE_NULL; i++) {
 	if (krb5_enctype_valid(context, p[i]) != 0)
 	    continue;
 	ep = realloc(e, (n + 2) * sizeof(*e));