Attachment #9392 for bug #46292

(-)a/services/univention-s4-connector/modules/univention/s4connector/s4/password.py (-1 / +5 lines)

Lines 166-178 def calculate_supplementalCredentials(ucs_krb5key, old_supplementalCredentials):	Link Here

166

	krb5_des_crc = ''

166

	krb5_des_crc = ''

167

	krb_ctr3_salt = ''

167

	krb_ctr3_salt = ''

168

	krb_ctr4_salt = ''

168

	krb_ctr4_salt = ''

169

	context = heimdal.context()

170

	permitted_enctypes = map(lambda x: x.toint(), context.get_permitted_enctypes())

169

	for k in ucs_krb5key:

171

	for k in ucs_krb5key:

170

		(keyblock, salt, kvno) = heimdal.asn1_decode_key(k)

172

		(keyblock, salt, kvno) = heimdal.asn1_decode_key(k)

171

172

		key_data = keyblock.keyvalue()

173

		key_data = keyblock.keyvalue()

173

		saltstring = salt.saltvalue()

174

		saltstring = salt.saltvalue()

174

		enctype = keyblock.keytype()

175

		enctype = keyblock.keytype()

175

		enctype_id = enctype.toint()

176

		enctype_id = enctype.toint()

177

		if enctype_id not in permitted_enctypes:

178

			ud.debug(ud.LDAP, ud.WARN, "calculate_supplementalCredentials: ignoring enctype '%s', not supported by heimdal" % enctype_id)

179

			continue

176

		ud.debug(ud.LDAP, ud.INFO, "calculate_supplementalCredentials: krb5_keytype: %s (%d)" % (enctype, enctype_id))

180

		ud.debug(ud.LDAP, ud.INFO, "calculate_supplementalCredentials: krb5_keytype: %s (%d)" % (enctype, enctype_id))

177

		if enctype_id == 18:

181

		if enctype_id == 18:

178

			krb5_aes256 = key_data

182

			krb5_aes256 = key_data

Return to bug 46292