mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
Add support for using AES fo cross-realm TGTs
This commit is contained in:
parent
21d893ddde
commit
2d42737d01
@ -375,10 +375,19 @@ class TrustDomainInstance(object):
|
|||||||
except RuntimeError, e:
|
except RuntimeError, e:
|
||||||
pass
|
pass
|
||||||
try:
|
try:
|
||||||
self._pipe.CreateTrustedDomainEx2(self._policy_handle, info, self.auth_info, security.SEC_STD_DELETE)
|
trustdom_handle = self._pipe.CreateTrustedDomainEx2(self._policy_handle, info, self.auth_info, security.SEC_STD_DELETE)
|
||||||
except RuntimeError, (num, message):
|
except RuntimeError, (num, message):
|
||||||
raise assess_dcerpc_exception(num=num, message=message)
|
raise assess_dcerpc_exception(num=num, message=message)
|
||||||
|
|
||||||
|
try:
|
||||||
|
infoclass = lsa.TrustDomainInfoSupportedEncTypes()
|
||||||
|
infoclass.enc_types = security.KERB_ENCTYPE_RC4_HMAC_MD5
|
||||||
|
infoclass.enc_types |= security.KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96
|
||||||
|
infoclass.enc_types |= security.KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96
|
||||||
|
self._pipe.SetInformationTrustedDomain(trustdom_handle, lsa.LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES, infoclass)
|
||||||
|
except RuntimeError, e:
|
||||||
|
pass
|
||||||
|
|
||||||
def verify_trust(self, another_domain):
|
def verify_trust(self, another_domain):
|
||||||
def retrieve_netlogon_info_2(domain, function_code, data):
|
def retrieve_netlogon_info_2(domain, function_code, data):
|
||||||
try:
|
try:
|
||||||
|
Loading…
Reference in New Issue
Block a user