From: Greg Hudson <ghudson@mit.edu>
Date: Wed, 14 Nov 2012 21:49:33 +0000 (-0500)
Subject: Add Camellia enctypes to default enctype lists
X-Git-Tag: krb5-1.12-alpha1~480
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8f27ae9d0afb81f851ff56523882de3524031b9b;p=thirdparty%2Fkrb5.git

Add Camellia enctypes to default enctype lists

Add camellia256-cts-cmas and camellia128-cts-cmac to the default
permitted_enctypes, default_tkt_enctypes, and default_tgs_enctypes
lists, to simplify deployment of Camellia.  The new enctypes still
aren't on supported_enctypes, so won't be in the set of long-term keys
for principals without administrator intervention.

ticket: 7446 (new)
target_version: 1.11
tags: pullup
---

diff --git a/doc/conf.py b/doc/conf.py
index f441f7ec44..2ad76fd96e 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -267,7 +267,7 @@ else:
     rst_epilog += '''
 .. |krb5conf| replace:: ``/etc/krb5.conf``
 .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal des3-cbc-sha1:normal arcfour-hmac-md5:normal``
-.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5 des-cbc-crc des-cbc-md5 des-cbc-md4``
+.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4``
 .. |defmkey| replace:: ``aes256-cts-hmac-sha1-96``
 .. |copy| unicode:: U+000A9
 '''
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
index aa793fc8f3..6054b2056e 100644
--- a/src/lib/krb5/krb/init_ctx.c
+++ b/src/lib/krb5/krb/init_ctx.c
@@ -63,6 +63,7 @@ static krb5_enctype default_enctype_list[] = {
     ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96,
     ENCTYPE_DES3_CBC_SHA1,
     ENCTYPE_ARCFOUR_HMAC,
+    ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC,
     ENCTYPE_DES_CBC_CRC, ENCTYPE_DES_CBC_MD5, ENCTYPE_DES_CBC_MD4,
     0
 };