[455] in Kerberos_V5_Development
Re: -e 1 on admin commands.
jtkohl@ATHENA.MIT.EDU (jtkohl@ATHENA.MIT.EDU)
Tue Nov 20 11:25:20 1990
[this would have been e-mailed to the meeting, but the discuss mail feed
is currently hosed...]
I finally dug around to figure out why the "-e 1" argument has been
necessary, and it was all my fault.
A while back, I changed krb5_enctype to be unsigned (it was erroneously
signed before), and this made the code which explicitly set the etype to
-1 and later compare against it do the Wrong Thing.
I've fixed kdb5_edit, kdb5_create, and kdb5_stash, so they now take a
default encryption type based on the master key type.
That type is currently defaulted to DES, but I want to eventually make
that default choice a configuration option.
John
