[27248] in CVS-changelog-for-Kerberos-V5
krb5 commit: Rebuild krb5.conf.man for default enctypes
daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Wed Nov 14 17:14:58 2012
Date: Wed, 14 Nov 2012 17:14:56 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
Message-Id: <201211142214.qAEMEuQA002930@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/d380f21727f837590bbd22caf16dedfdf02f8a0b
commit d380f21727f837590bbd22caf16dedfdf02f8a0b
Author: Ben Kaduk <kaduk@mit.edu>
Date: Wed Nov 14 17:09:23 2012 -0500
Rebuild krb5.conf.man for default enctypes
Now that the Camellia enctypes are in the default lists for
permitted_enctypes, default_tkt_enctypes, and default_tgs_enctypes,
regenerate the man page to reflect that change.
ticket: 7446
target_version: 1.11
tags: pullup
src/man/krb5.conf.man | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/man/krb5.conf.man b/src/man/krb5.conf.man
index 07021eb..9dba5c4 100644
--- a/src/man/krb5.conf.man
+++ b/src/man/krb5.conf.man
@@ -240,7 +240,7 @@ should be returned by the KDC, in order of preference from
highest to lowest. The list may be delimited with commas or
whitespace. See \fIEncryption_and_salt_types\fP in
\fIkdc.conf(5)\fP for a list of the accepted values for this tag.
-The default value is \fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 des3\-cbc\-sha1 arcfour\-hmac\-md5 des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types
+The default value is \fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types
will be implicitly removed from this list if the value of
\fBallow_weak_crypto\fP is false.
.TP
@@ -249,7 +249,7 @@ Identifies the supported list of session key encryption types that
should be requested by the client, in order of preference from
highest to lowest. The format is the same as for
default_tgs_enctypes. The default value for this tag is
-\fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 des3\-cbc\-sha1 arcfour\-hmac\-md5 des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types will be implicitly
+\fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types will be implicitly
removed from this list if the value of \fBallow_weak_crypto\fP is
false.
.TP
@@ -395,7 +395,7 @@ used across NATs. The default value is true.
.B \fBpermitted_enctypes\fP
Identifies all encryption types that are permitted for use in
session key encryption. The default value for this tag is
-\fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 des3\-cbc\-sha1 arcfour\-hmac\-md5 des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types will be implicitly
+\fBaes256\-cts\-hmac\-sha1\-96 aes128\-cts\-hmac\-sha1\-96 des3\-cbc\-sha1 arcfour\-hmac\-md5 camellia256\-cts\-cmac camellia128\-cts\-cmac des\-cbc\-crc des\-cbc\-md5 des\-cbc\-md4\fP, but single\-DES encryption types will be implicitly
removed from this list if the value of \fBallow_weak_crypto\fP is
false.
.TP
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
