From b510380e3424065552eb7af9bf3ca3a28f93a1ca Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Thu, 11 Jan 1996 04:03:06 +0000 Subject: [PATCH] Added checking of profile for DCE compatability options (ccache type, and checksum type). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7300 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/krb/ChangeLog | 3 +++ src/lib/krb5/krb/init_ctx.c | 26 ++++++++++++++++++++++---- 2 files changed, 25 insertions(+), 4 deletions(-) diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 76e556f59..507d44795 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,5 +1,8 @@ Wed Jan 10 21:01:36 1996 Theodore Y. Ts'o + * init_ctx.c (krb5_init_context): Added checking of profile for + DCE compatability options (ccache type, and checksum type). + * fwd_tgt.c (krb5_fwd_tgt_creds): Initialize addrs to 0 so that we don't try to free stack garbage on an error. diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 1850cd8bb..14ca0a653 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -53,17 +53,35 @@ krb5_init_context(context) goto cleanup; ctx->default_realm = 0; - profile_get_integer(ctx->profile, "libdefaults", - "clockskew", 0, 5 * 60, - &tmp); + profile_get_integer(ctx->profile, "libdefaults", "clockskew", + 0, 5 * 60, &tmp); ctx->clockskew = tmp; - ctx->kdc_req_sumtype = CKSUMTYPE_RSA_MD5; + + /* DCE 1.1 and below only support CKSUMTYPE_RSA_MD4 (2) */ + /* DCE add checksum_type = 2 to krb5.conf */ + profile_get_integer(ctx->profile, "libdefaults", "checksum_type", 0, + CKSUMTYPE_RSA_MD5, &tmp); + ctx->kdc_req_sumtype = tmp; + ctx->kdc_default_options = KDC_OPT_RENEWABLE_OK; profile_get_integer(ctx->profile, "libdefaults", "kdc_timesync", 0, 0, &tmp); ctx->library_options = tmp ? KRB5_LIBOPT_SYNC_KDCTIME : 0; + /* + * We use a default file credentials cache of 3. See + * lib/krb5/krb/ccache/file/fcc.h for a description of the + * credentials cache types. + * + * Note: DCE 1.0.3a only supports a cache type of 1 + * DCE 1.1 supports a cache type of 2. + */ + profile_get_integer(ctx->profile, "libdefaults", "ccache_type", + 0, 3, &tmp); + ctx->fcc_default_format = tmp + 0x0500; + ctx->scc_default_format = tmp + 0x0500; + *context = ctx; return 0; -- 2.26.2