svn commit: lorikeet r342 - in trunk/heimdal: . lib/krb5

abartlet at samba.org abartlet at samba.org
Fri Jun 17 05:36:20 GMT 2005 

Author: abartlet
Date: 2005-06-17 05:36:18 +0000 (Fri, 17 Jun 2005)
New Revision: 342

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=342

Log:
Disable the AFS string-to-key function by default, but provide a
configure swtich for those who need it.

This is actually to avoid samba4 linking to -lcrypt because of Heimdal.

Andrew Bartlett

Modified:
   trunk/heimdal/configure.in
   trunk/heimdal/lib/krb5/crypto.c


Changeset:
Modified: trunk/heimdal/configure.in
===================================================================
--- trunk/heimdal/configure.in	2005-06-17 01:35:06 UTC (rev 341)
+++ trunk/heimdal/configure.in	2005-06-17 05:36:18 UTC (rev 342)
@@ -210,6 +210,12 @@
 	AC_DEFINE(NO_MMAP, 1, [Define if you don't want to use mmap.])
 fi
 
+AC_ARG_ENABLE(afs-string-to-key,
+	AS_HELP_STRING([--enable-afs-string-to-key],[enable use of weak AFS string-to-key functions]))
+if test "$enable_afs_string_to_key" = "yes"; then
+	AC_DEFINE(WITH_AFS_STRING_TO_KEY, 1, [Define if want to use the weak AFS string to key functions.])
+fi
+
 rk_CHECK_MAN
 
 rk_TEST_PACKAGE(readline,

Modified: trunk/heimdal/lib/krb5/crypto.c
===================================================================
--- trunk/heimdal/lib/krb5/crypto.c	2005-06-17 01:35:06 UTC (rev 341)
+++ trunk/heimdal/lib/krb5/crypto.c	2005-06-17 05:36:18 UTC (rev 342)
@@ -250,6 +250,7 @@
     return 0;
 }
 
+#ifdef WITH_AFS_STRING_TO_KEY
 /* This defines the Andrew string_to_key function.  It accepts a password
  * string as input and converts its via a one-way encryption algorithm to a DES
  * encryption key.  It is compatible with the original Andrew authentication
@@ -345,6 +346,7 @@
     memset(&key, 0, sizeof(key));
     return 0;
 }
+#endif
 
 static void
 krb5_DES_random_to_key(krb5_context context,
@@ -870,11 +872,13 @@
 	"pw-salt",
 	krb5_DES_string_to_key
     },
+#ifdef WITH_AFS_STRING_TO_KEY
     {
 	KRB5_AFS3_SALT,
 	"afs3-salt",
 	DES_AFS3_string_to_key
     },
+#endif
     { 0 }
 };

More information about the samba-cvs mailing list