svn commit: lorikeet r342 - in trunk/heimdal: . lib/krb5
abartlet at samba.org
abartlet at samba.org
Fri Jun 17 05:36:20 GMT 2005
Author: abartlet
Date: 2005-06-17 05:36:18 +0000 (Fri, 17 Jun 2005)
New Revision: 342
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=342
Log:
Disable the AFS string-to-key function by default, but provide a
configure swtich for those who need it.
This is actually to avoid samba4 linking to -lcrypt because of Heimdal.
Andrew Bartlett
Modified:
trunk/heimdal/configure.in
trunk/heimdal/lib/krb5/crypto.c
Changeset:
Modified: trunk/heimdal/configure.in
===================================================================
--- trunk/heimdal/configure.in 2005-06-17 01:35:06 UTC (rev 341)
+++ trunk/heimdal/configure.in 2005-06-17 05:36:18 UTC (rev 342)
@@ -210,6 +210,12 @@
AC_DEFINE(NO_MMAP, 1, [Define if you don't want to use mmap.])
fi
+AC_ARG_ENABLE(afs-string-to-key,
+ AS_HELP_STRING([--enable-afs-string-to-key],[enable use of weak AFS string-to-key functions]))
+if test "$enable_afs_string_to_key" = "yes"; then
+ AC_DEFINE(WITH_AFS_STRING_TO_KEY, 1, [Define if want to use the weak AFS string to key functions.])
+fi
+
rk_CHECK_MAN
rk_TEST_PACKAGE(readline,
Modified: trunk/heimdal/lib/krb5/crypto.c
===================================================================
--- trunk/heimdal/lib/krb5/crypto.c 2005-06-17 01:35:06 UTC (rev 341)
+++ trunk/heimdal/lib/krb5/crypto.c 2005-06-17 05:36:18 UTC (rev 342)
@@ -250,6 +250,7 @@
return 0;
}
+#ifdef WITH_AFS_STRING_TO_KEY
/* This defines the Andrew string_to_key function. It accepts a password
* string as input and converts its via a one-way encryption algorithm to a DES
* encryption key. It is compatible with the original Andrew authentication
@@ -345,6 +346,7 @@
memset(&key, 0, sizeof(key));
return 0;
}
+#endif
static void
krb5_DES_random_to_key(krb5_context context,
@@ -870,11 +872,13 @@
"pw-salt",
krb5_DES_string_to_key
},
+#ifdef WITH_AFS_STRING_TO_KEY
{
KRB5_AFS3_SALT,
"afs3-salt",
DES_AFS3_string_to_key
},
+#endif
{ 0 }
};
More information about the samba-cvs
mailing list