The tests for the various ways of enabling weak cryptography fail
with current Heimdal master, because it defines krb5_allow_weak_crypto
but does not prototype it.
Fix this by testing for the Heimdal version (which MIT does not provide)
first, and only if that's not available, try to use allow_weak_crypto.
Change-Id: I559d5fd40c196fefc947dd0f7b10ed78fbd2c7e6
Reviewed-on: http://gerrit.openafs.org/2739
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
* krb5_allow_weak_crypto is MIT Kerberos 1.8. krb5_enctype_enable is
* Heimdal.
*/
-#if defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
- krb5_allow_weak_crypto(context, 1);
-#elif defined(HAVE_KRB5_ENCTYPE_ENABLE)
+#if defined(HAVE_KRB5_ENCTYPE_ENABLE)
i = krb5_enctype_valid(context, ETYPE_DES_CBC_CRC);
if (i)
krb5_enctype_enable(context, ETYPE_DES_CBC_CRC);
+#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
+ krb5_allow_weak_crypto(context, 1);
#endif
/* Initialize list of cells to which we have authenticated */
* krb5_allow_weak_crypto is MIT Kerberos 1.8. krb5_enctype_enable is
* Heimdal.
*/
-#if defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
- krb5_allow_weak_crypto(k5context, 1);
-#elif defined(HAVE_KRB5_ENCTYPE_ENABLE)
+#if defined(HAVE_KRB5_ENCTYPE_ENABLE)
i = krb5_enctype_valid(k5context, ETYPE_DES_CBC_CRC);
if (i)
krb5_enctype_enable(k5context, ETYPE_DES_CBC_CRC);
+#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
+ krb5_allow_weak_crypto(k5context, 1);
#endif
/* Parse remaining arguments. */
projects / packages / o / openafs.git / commitdiff