403Webshell
Server IP : 104.21.13.164  /  Your IP : 216.73.216.72
Web Server : Apache
System : Linux gator4057.hostgator.com 5.14.0-687.17.1.el9_8.x86_64 #1 SMP PREEMPT_DYNAMIC Mon Jun 22 07:21:26 EDT 2026 x86_64
User : badawi ( 1130)
PHP Version : 8.3.31
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /usr/share/crypto-policies/python/policygenerators/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /usr/share/crypto-policies/python/policygenerators/krb5.py
# SPDX-License-Identifier: LGPL-2.1-or-later

# Copyright (c) 2019 Red Hat, Inc.
# Copyright (c) 2019 Tomáš Mráz <[email protected]>

from .configgenerator import ConfigGenerator


class KRB5Generator(ConfigGenerator):
    CONFIG_NAME = 'krb5'
    SCOPES = {'kerberos', 'krb5'}

    cipher_map = {
        'CAMELLIA-256-CBC': 'camellia256-cts-cmac',
        'CAMELLIA-128-CBC': 'camellia128-cts-cmac',
        'CAMELLIA-128-CTS': 'camellia128-cts-cmac',
        # RC4 is enabled separately
    }

    cipher_mac_map = {
        'AES-256-CBC-HMAC-SHA1': 'aes256-cts-hmac-sha1-96',
        'AES-256-CBC-HMAC-SHA2-384': 'aes256-cts-hmac-sha384-192',
        'AES-128-CBC-HMAC-SHA1': 'aes128-cts-hmac-sha1-96',
        'AES-128-CBC-HMAC-SHA2-256': 'aes128-cts-hmac-sha256-128',
        # RC4 is enabled separately
    }

    @classmethod
    def generate_config(cls, policy):
        p = policy.enabled
        sep = ' '

        cfg = '[libdefaults]\n'
        cfg += 'permitted_enctypes = '
        s = ''
        for j in p['mac']:
            for i in p['cipher']:
                try:
                    s = cls.append(s, cls.cipher_mac_map[i + '-' + j], sep)
                except KeyError:
                    pass

        for i in p['cipher']:
            try:
                s = cls.append(s, cls.cipher_map[i], sep)
            except KeyError:
                pass

        if 'RC4-128' in p['cipher'] and 'MD5' in p['hash']:
            s = cls.append(s, 'arcfour-hmac-md5', sep)

        cfg += s + '\n'

        # By default libkrb5 sets the min_bits to 2048, don't
        # go lower than that.
        if policy.integers['min_dh_size'] > 2048:
            # $string .= "pkinit_dh_min_bits=$min_dh_size\n";
            # krb5.conf only accepts 2048 or 4096
            cfg += 'pkinit_dh_min_bits=4096\n'

        return cfg

    @classmethod
    def test_config(cls, config):  # pylint: disable=unused-argument
        return True

Youez - 2016 - github.com/yon3zu
LinuXploit