mirror of
https://github.com/samba-team/samba.git
synced 2025-02-25 17:57:42 +03:00
s4:kdc: Pass supported enctypes to samba_kdc_set_fixed_keys()
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
parent
01e7425fab
commit
2d9fd3855f
@ -336,12 +336,10 @@ static void samba_kdc_sort_keys(struct sdb_keys *keys)
|
||||
}
|
||||
|
||||
int samba_kdc_set_fixed_keys(krb5_context context,
|
||||
struct samba_kdc_db_context *kdc_db_ctx,
|
||||
const struct ldb_val *secretbuffer,
|
||||
bool is_protected,
|
||||
uint32_t supported_enctypes,
|
||||
struct sdb_keys *keys)
|
||||
{
|
||||
uint32_t supported_enctypes = ENC_ALL_TYPES;
|
||||
uint16_t allocated_keys = 0;
|
||||
int ret;
|
||||
|
||||
@ -354,10 +352,6 @@ int samba_kdc_set_fixed_keys(krb5_context context,
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (is_protected) {
|
||||
supported_enctypes &= ~ENC_RC4_HMAC_MD5;
|
||||
}
|
||||
|
||||
if (supported_enctypes & ENC_HMAC_SHA1_96_AES256) {
|
||||
struct sdb_key key = {};
|
||||
|
||||
@ -419,9 +413,14 @@ static int samba_kdc_set_random_keys(krb5_context context,
|
||||
struct sdb_keys *keys,
|
||||
bool is_protected)
|
||||
{
|
||||
uint32_t supported_enctypes = ENC_ALL_TYPES;
|
||||
struct ldb_val secret_val;
|
||||
uint8_t secretbuffer[32];
|
||||
|
||||
if (is_protected) {
|
||||
supported_enctypes &= ~ENC_RC4_HMAC_MD5;
|
||||
}
|
||||
|
||||
/*
|
||||
* Fake keys until we have a better way to reject
|
||||
* non-pkinit requests.
|
||||
@ -433,9 +432,9 @@ static int samba_kdc_set_random_keys(krb5_context context,
|
||||
|
||||
secret_val = data_blob_const(secretbuffer,
|
||||
sizeof(secretbuffer));
|
||||
return samba_kdc_set_fixed_keys(context, kdc_db_ctx,
|
||||
return samba_kdc_set_fixed_keys(context,
|
||||
&secret_val,
|
||||
is_protected,
|
||||
supported_enctypes,
|
||||
keys);
|
||||
}
|
||||
|
||||
|
@ -26,9 +26,8 @@ struct sdb_entry;
|
||||
|
||||
|
||||
int samba_kdc_set_fixed_keys(krb5_context context,
|
||||
struct samba_kdc_db_context *kdc_db_ctx,
|
||||
const struct ldb_val *secretbuffer,
|
||||
bool is_protected,
|
||||
uint32_t supported_enctypes,
|
||||
struct sdb_keys *keys);
|
||||
|
||||
krb5_error_code samba_kdc_fetch(krb5_context context,
|
||||
|
@ -223,7 +223,7 @@ static krb5_error_code hdb_samba4_fetch_fast_cookie(krb5_context context,
|
||||
return ret;
|
||||
}
|
||||
|
||||
ret = samba_kdc_set_fixed_keys(context, kdc_db_ctx, val, false,
|
||||
ret = samba_kdc_set_fixed_keys(context, val, ENC_ALL_TYPES,
|
||||
&sentry.keys);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
|
Loading…
x
Reference in New Issue
Block a user