Add new kadmin/ktutil --keep* and --enctypes opts
- Add --keepold/keepallold/pruneall options to various kadmin/ktutil
commands. Default behavior to "prune old keys".
- When setting keys for a service, we need to specify enctypes for it:
- Always use kadm5_randkey_principal_3() instead of the older
kadm5_randkey_principal().
- Add krb5_string_to_keysalts2(), like MIT's krb5_string_to_keysalts(),
but with a context, and simpler.
- Add --enctypes options to various kadmin/ktutil commands.
- Add [libdefaults] supported_enctypes param with enctype[:salttype]
list.
- Add [realms] realm supported_enctypes param with enctype[:salttype]
list.
Default to aes128-cts-hmac-sha1-96:normal.
This commit is contained in:
Nicolas Williams
committed by
Nico Williams
Nico Williams
parent
7b76d6719f
commit
d8394c65b7
+7
-1
@@ -534,9 +534,15 @@ get_entry(struct get_options *opt, int argc, char **argv)
|
||||
int
|
||||
list_princs(struct list_options *opt, int argc, char **argv)
|
||||
{
|
||||
struct get_options get_opt;
|
||||
|
||||
if(sizeof(struct get_options) != sizeof(struct list_options)) {
|
||||
krb5_warnx(context, "programmer error: sizeof(struct get_options) != sizeof(struct list_options)");
|
||||
return 0;
|
||||
}
|
||||
return getit((struct get_options*)opt, "list", argc, argv);
|
||||
get_opt.long_flag = opt->long_flag;
|
||||
get_opt.short_flag = opt->short_flag;
|
||||
get_opt.terse_flag = opt->terse_flag;
|
||||
get_opt.column_info_string = opt->column_info_string;
|
||||
return getit(&get_opt, "list", argc, argv);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user