From: | ghudson@mit.edu |
Subject: | SVN Commit |
With the addition of enctype negotiation in 1.7, a gss-krb5 acceptor
can choose an enctype for the acceptor subkey other than the one in
the keytab. If the resulting security context will be exported and
re-imported by another gss-krb5 implementation (such as one in the
kernel), the acceptor needs a way to restrict the set of negotiated
enctypes to those supported by the other implementation. We had that
functionality for the initiator already in the form of
gss_krb5_set_allowable_enctypes; this change makes it work for the
acceptor as well.
https://github.com/krb5/krb5/commit/af11454d3adf02a0e6fe3156e37b7b06fd5a9d3b
Commit By: ghudson
Revision: 24603
Changed Files:
U trunk/src/lib/gssapi/krb5/accept_sec_context.c