Do not request Single DES session key or allow weak crypto

* mod_waklog now only supports rekeyed cells

diff --git a/mod_waklog.c b/mod_waklog.c
index 9b6ca89..6a783b2 100644 (file)
--- a/mod_waklog.c
+++ b/mod_waklog.c
@@ -533,12 +533,6 @@ set_auth ( server_rec *s, request_rec *r, int self, char *principal, char *keyta
       log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "mod_waklog: retrieved data from ccache for %s", k5user);
       
       increds.times.endtime = 0;
-
-      /* Since we're fetching a key for AFS, we have to use single DES
-        and explicitely enable weak crypto using the secret API
-        call */
-      increds.keyblock.enctype = ENCTYPE_DES_CBC_CRC;
-      krb5_allow_weak_crypto (child.kcontext, 1);
       
       if ( ( kerror = krb5_get_credentials (child.kcontext, 0, clientccache, &increds, &v5credsp ) ) ) {
         /* only complain once we've tried both afs@REALM and afs/cell@REALM */