diff options
| author | Russ Allbery <rra@stanford.edu> | 2010-02-09 13:41:11 -0800 | 
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2010-02-09 13:41:11 -0800 | 
| commit | cbdc17af5f7a772188638f0057fffd357acbbd38 (patch) | |
| tree | f91b008d523ad9f5cc31ebd632b8e2a1d8d40974 /perl/Wallet/Kadmin | |
| parent | 2d33440272200cad20a5a4c58e5d8aa0dfad9a1f (diff) | |
Use the long enctype name for aes256-cts-hmac-sha1-96
Heimdal requires the full name and doesn't support the short name that
MIT has as an alias.  Change the documentation to use the long name
uniformly.
Diffstat (limited to 'perl/Wallet/Kadmin')
| -rw-r--r-- | perl/Wallet/Kadmin/Heimdal.pm | 16 | ||||
| -rw-r--r-- | perl/Wallet/Kadmin/MIT.pm | 14 | 
2 files changed, 16 insertions, 14 deletions
| diff --git a/perl/Wallet/Kadmin/Heimdal.pm b/perl/Wallet/Kadmin/Heimdal.pm index 2ca8dcd..428202b 100644 --- a/perl/Wallet/Kadmin/Heimdal.pm +++ b/perl/Wallet/Kadmin/Heimdal.pm @@ -1,7 +1,7 @@  # Wallet::Kadmin::Heimdal -- Heimdal Kadmin interactions for the wallet.  #  # Written by Jon Robertson <jonrober@stanford.edu> -# Copyright 2009 Board of Trustees, Leland Stanford Jr. University +# Copyright 2009, 2010 Board of Trustees, Leland Stanford Jr. University  #  # See LICENSE for licensing terms. @@ -238,7 +238,7 @@ Wallet::Kadmin::MIT - MIT admin interactions for wallet keytabs      my $kadmin = Wallet::Kadmin::MIT->new ();      $kadmin->addprinc ("host/shell.example.com"); -    $kadmin->ktadd ("host/shell.example.com", "aes256-cts"); +    $kadmin->ktadd ("host/shell.example.com", "aes256-cts-hmac-sha1-96");      my $exists = $kadmin->exists ("host/oldshell.example.com");      $kadmin->delprinc ("host/oldshell.example.com") if $exists; @@ -282,10 +282,11 @@ reality.  =item ktadd(PRINCIPAL, FILE, ENCTYPES) -Creates a new keytab for the given principal, as the given file, limited to -the enctypes supplied.  The enctype values must be enctype strings recognized -by Kerberos (strings like C<aes256-cts> or C<des-cbc-crc>).  An error is -thrown on failure or if the creation fails, otherwise true is returned. +Creates a new keytab for the given principal, as the given file, limited +to the enctypes supplied.  The enctype values must be enctype strings +recognized by Kerberos (strings like C<aes256-cts-hmac-sha1-96> or +C<des-cbc-crc>).  An error is thrown on failure or if the creation fails, +otherwise true is returned.  =back @@ -305,7 +306,6 @@ from L<http://www.eyrie.org/~eagle/software/wallet/>.  =head1 AUTHORS -Russ Allbery <rra@stanford.edu> -Jon Robertson <jonrober@stanford.edu> +Russ Allbery <rra@stanford.edu> and Jon Robertson <jonrober@stanford.edu>.  =cut diff --git a/perl/Wallet/Kadmin/MIT.pm b/perl/Wallet/Kadmin/MIT.pm index c3ad901..49691b0 100644 --- a/perl/Wallet/Kadmin/MIT.pm +++ b/perl/Wallet/Kadmin/MIT.pm @@ -2,7 +2,8 @@  #  # Written by Russ Allbery <rra@stanford.edu>  # Pulled into a module by Jon Robertson <jonrober@stanford.edu> -# Copyright 2007, 2008, 2009 Board of Trustees, Leland Stanford Jr. University +# Copyright 2007, 2008, 2009, 2010 +#     Board of Trustees, Leland Stanford Jr. University  #  # See LICENSE for licensing terms. @@ -233,7 +234,7 @@ Wallet::Kadmin::MIT - MIT admin interactions for wallet keytabs      my $kadmin = Wallet::Kadmin::MIT->new ();      $kadmin->addprinc ("host/shell.example.com"); -    $kadmin->ktadd ("host/shell.example.com", "aes256-cts"); +    $kadmin->ktadd ("host/shell.example.com", "aes256-cts-hmac-sha1-96");      my $exists = $kadmin->exists ("host/oldshell.example.com");      $kadmin->delprinc ("host/oldshell.example.com") if $exists; @@ -277,10 +278,11 @@ reality.  =item ktadd(PRINCIPAL, FILE, ENCTYPES) -Creates a new keytab for the given principal, as the given file, limited to -the enctypes supplied.  The enctype values must be enctype strings recognized -by Kerberos (strings like C<aes256-cts> or C<des-cbc-crc>).  An error is -thrown on failure or if the creation fails, otherwise true is returned. +Creates a new keytab for the given principal, as the given file, limited +to the enctypes supplied.  The enctype values must be enctype strings +recognized by Kerberos (strings like C<aes256-cts-hmac-sha1-96> or +C<des-cbc-crc>).  An error is thrown on failure or if the creation fails, +otherwise true is returned.  =back | 
