a9843d6 ipa-sam: report supported enctypes based on Kerberos realm configuration

1 file Authored by abbra 10 years ago, Committed by pviktori 10 years ago,
    ipa-sam: report supported enctypes based on Kerberos realm configuration
    
    We store Kerberos realm configuration in cn=REALM,cn=kerberos,$SUFFIX.
    Along other configuration options, this container has list of default
    supported encryption types, in krbDefaultEncSaltTypes.
    
    Fetch krbDefaultEncSaltTypes value on ipa-sam initialization and convert
    discovered list to the mask of supported encryption types according to
    security.idl from Samba:
            typedef [public,bitmap32bit] bitmap {
                    KERB_ENCTYPE_DES_CBC_CRC             = 0x00000001,
                    KERB_ENCTYPE_DES_CBC_MD5             = 0x00000002,
                    KERB_ENCTYPE_RC4_HMAC_MD5            = 0x00000004,
                    KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008,
                    KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010
            } kerb_EncTypes;
    
    Part of https://fedorahosted.org/freeipa/ticket/3898
    
        
file modified
+117 -12