[krbdev.mit.edu #7680] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Thu Jul 18 00:58:58 EDT 2013
Support PKINIT OpenSSL deferred identity prompting
Add a password to the set of things that we can pass to a PEM password
callback and the function we use for loading PKCS12 bundles. If we're
meant to defer identity prompts, just store the name of the identity
which we're loading. Otherwise, if we're passed a password, use it.
Otherwise, use the prompter callback.
Add a password to the set of things that we can pass to the function
that we use for logging in to PKCS11 tokens, too, but if we're deferring
identity prompts, just return the identity name without doing anything
else. If not, and we're passed a password, use that. Otherwise, try to
use the prompter callback to get one.
https://github.com/krb5/krb5/commit/a3abb0bf5fade0009c9899624d4b996a4e12a49f
Author: Nalin Dahyabhai <nalin at redhat.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: a3abb0bf5fade0009c9899624d4b996a4e12a49f
Branch: master
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 214 +++++++++++++++-----
1 files changed, 159 insertions(+), 55 deletions(-)
More information about the krb5-bugs
mailing list