krb5_md5_crypto_compat_ctl()--Set Compatibility Mode for MD5 Checksum Generation


  Syntax 
 #include <krb5.h>

 void krb5_md5_crypto_compat_ctl(
     krb5_boolean   compat_mode);
  Service Program Name: QSYS/QKRBGSS

  Default Public Authority: *USE

  Threadsafe: Yes

The krb5_md5_crypto_compat_ctl() function sets the compatibility mode for the MD5 DES checksum generation.


Authorities

No authorities are required.


Parameters

compat_mode   (Input)
The compatibility mode. It is specified as either TRUE or FALSE.

Return Value

This function does not return a value.


Error Messages

Message ID Error Message Text
CPE3418 E Possible APAR condition or hardware failure.


Usage Notes

  1. Early beta levels of Kerberos Version 5 computed the MD5 DES checksum incorrectly. Enabling the compatibility mode causes the Kerberos runtime to generate the MD5 DES checksum the same way, while disabling the compatibility mode causes the Kerberos runtime to generate the checksum correctly.

  2. This routine sets the MD5 compatibility mode for the entire process and overrides the compatibility mode set by the rsa_md5_des_compat entry in the Kerberos configuration file.

API introduced: V5R1

[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]