Lines 166-178
def calculate_supplementalCredentials(ucs_krb5key, old_supplementalCredentials):
|
Link Here
|
---|
|
166 |
krb5_des_crc = '' |
166 |
krb5_des_crc = '' |
167 |
krb_ctr3_salt = '' |
167 |
krb_ctr3_salt = '' |
168 |
krb_ctr4_salt = '' |
168 |
krb_ctr4_salt = '' |
|
|
169 |
context = heimdal.context() |
170 |
permitted_enctypes = map(lambda x: x.toint(), context.get_permitted_enctypes()) |
169 |
for k in ucs_krb5key: |
171 |
for k in ucs_krb5key: |
170 |
(keyblock, salt, kvno) = heimdal.asn1_decode_key(k) |
172 |
(keyblock, salt, kvno) = heimdal.asn1_decode_key(k) |
171 |
|
|
|
172 |
key_data = keyblock.keyvalue() |
173 |
key_data = keyblock.keyvalue() |
173 |
saltstring = salt.saltvalue() |
174 |
saltstring = salt.saltvalue() |
174 |
enctype = keyblock.keytype() |
175 |
enctype = keyblock.keytype() |
175 |
enctype_id = enctype.toint() |
176 |
enctype_id = enctype.toint() |
|
|
177 |
if enctype_id not in permitted_enctypes: |
178 |
ud.debug(ud.LDAP, ud.WARN, "calculate_supplementalCredentials: ignoring enctype '%s', not supported by heimdal" % enctype_id) |
179 |
continue |
176 |
ud.debug(ud.LDAP, ud.INFO, "calculate_supplementalCredentials: krb5_keytype: %s (%d)" % (enctype, enctype_id)) |
180 |
ud.debug(ud.LDAP, ud.INFO, "calculate_supplementalCredentials: krb5_keytype: %s (%d)" % (enctype, enctype_id)) |
177 |
if enctype_id == 18: |
181 |
if enctype_id == 18: |
178 |
krb5_aes256 = key_data |
182 |
krb5_aes256 = key_data |