[ SYSTEM ]: Linux srv.persadacompanies.com 4.18.0-553.56.1.el8_10.x86_64 #1 SMP Tue Jun 10 05:00:59 EDT 2025 x86_64
[ SERVER ]: Apache | PHP: 8.4.19
[ USER ]: persadamedika | IP: 45.64.1.108
GEFORCE FILE MANAGER
/
usr
/
share
/
crypto-policies
/
python
/
policygenerators
/
UPLOAD:
NAME
SIZE
QUICK PERMS
ACTIONS
π __pycache__
SET
[ DEL ]
π __init__.py
837 B
SET
[ EDIT ]
|
[ DEL ]
π bind.py
2,279 B
SET
[ EDIT ]
|
[ DEL ]
π configgenerator.py
401 B
SET
[ EDIT ]
|
[ DEL ]
π gnutls.py
5,605 B
SET
[ EDIT ]
|
[ DEL ]
π java.py
3,667 B
SET
[ EDIT ]
|
[ DEL ]
π krb5.py
1,648 B
SET
[ EDIT ]
|
[ DEL ]
π libreswan.py
4,827 B
SET
[ EDIT ]
|
[ DEL ]
π libssh.py
4,111 B
SET
[ EDIT ]
|
[ DEL ]
π nss.py
4,900 B
SET
[ EDIT ]
|
[ DEL ]
π openssh.py
8,380 B
SET
[ EDIT ]
|
[ DEL ]
π openssl.py
5,586 B
SET
[ EDIT ]
|
[ DEL ]
DELETE SELECTED
[ CLOSE ]
EDIT: krb5.py
# SPDX-License-Identifier: LGPL-2.1-or-later # Copyright (c) 2019 Red Hat, Inc. # Copyright (c) 2019 TomΓ‘Ε‘ MrΓ‘z <tmraz@fedoraproject.org> from .configgenerator import ConfigGenerator class KRB5Generator(ConfigGenerator): CONFIG_NAME = 'krb5' SCOPES = {'kerberos', 'krb5'} cipher_map = { 'CAMELLIA-256-CBC':'camellia256-cts-cmac', 'CAMELLIA-128-CBC':'camellia128-cts-cmac', 'CAMELLIA-128-CTS':'camellia128-cts-cmac' } cipher_mac_map = { 'AES-256-CBC-HMAC-SHA1':'aes256-cts-hmac-sha1-96', 'AES-256-CBC-HMAC-SHA2-384':'aes256-cts-hmac-sha384-192', 'AES-128-CBC-HMAC-SHA1':'aes128-cts-hmac-sha1-96', 'AES-128-CBC-HMAC-SHA2-256':'aes128-cts-hmac-sha256-128', # 'RC4-128-HMAC-MD5':'arcfour-hmac-md5' # forced last, see below } @classmethod def generate_config(cls, policy): p = policy.enabled sep = ' ' cfg = '[libdefaults]\n' cfg += 'permitted_enctypes = ' s = '' for j in p['mac']: for i in p['cipher']: try: s = cls.append(s, cls.cipher_mac_map[i + '-' + j], sep) except KeyError: pass for i in p['cipher']: try: s = cls.append(s, cls.cipher_map[i], sep) except KeyError: pass if 'RC4-128' in p['cipher'] and 'HMAC-MD5' in p['mac']: s = cls.append(s, 'arcfour-hmac-md5', sep) cfg += s + '\n' # By default libkrb5 sets the min_bits to 2048, don't # go lower than that. if policy.integers['min_dh_size'] > 2048: # $string .= "pkinit_dh_min_bits=$min_dh_size\n"; # krb5.conf only accepts 2048 or 4096 cfg += 'pkinit_dh_min_bits=4096\n' return cfg @classmethod def test_config(cls, config): # pylint: disable=unused-argument return True