svn rev #25317: trunk/src/ include/ kdc/ lib/krb5/krb/ plugins/preauth/pkinit/
ghudson@MIT.EDU
ghudson at MIT.EDU
Thu Oct 6 15:24:56 EDT 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=25317
Commit By: ghudson
Log Message:
Ditch fast_factor.h since it contains only stubs.
Leave a comment behind where we called fast_set_kdc_verified().
Remove the call to fast_kdc_replace_reply_key() since it's wrong
(encrypted challenge doesn't replace the reply key in that sense).
Changed Files:
D trunk/src/include/fast_factor.h
U trunk/src/kdc/deps
U trunk/src/kdc/kdc_preauth_ec.c
U trunk/src/lib/krb5/krb/deps
U trunk/src/lib/krb5/krb/preauth_ec.c
U trunk/src/plugins/preauth/pkinit/deps
U trunk/src/plugins/preauth/pkinit/pkinit_clnt.c
U trunk/src/plugins/preauth/pkinit/pkinit_srv.c
Modified: trunk/src/kdc/deps
===================================================================
--- trunk/src/kdc/deps 2011-10-06 16:38:35 UTC (rev 25316)
+++ trunk/src/kdc/deps 2011-10-06 19:24:56 UTC (rev 25317)
@@ -86,16 +86,16 @@
$(OUTPRE)kdc_preauth_ec.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \
- $(top_srcdir)/include/fast_factor.h $(top_srcdir)/include/k5-buf.h \
- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
- $(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \
- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/krb5/preauth_plugin.h $(top_srcdir)/include/net-server.h \
- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
- kdc_preauth_ec.c kdc_util.h
+ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
+ $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/kdb.h \
+ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+ $(top_srcdir)/include/net-server.h $(top_srcdir)/include/port-sockets.h \
+ $(top_srcdir)/include/socket-utils.h kdc_preauth_ec.c \
+ kdc_util.h
$(OUTPRE)main.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \
Modified: trunk/src/kdc/kdc_preauth_ec.c
===================================================================
--- trunk/src/kdc/kdc_preauth_ec.c 2011-10-06 16:38:35 UTC (rev 25316)
+++ trunk/src/kdc/kdc_preauth_ec.c 2011-10-06 19:24:56 UTC (rev 25317)
@@ -31,7 +31,6 @@
#include <k5-int.h>
#include <krb5/preauth_plugin.h>
-#include "fast_factor.h"
#include "kdc_util.h"
static krb5_error_code
@@ -117,7 +116,6 @@
* may cause the client to fail, but at this point the KDC has
* considered this a success, so the return value is ignored.
*/
- fast_kdc_replace_reply_key(context, cb, rock);
if (krb5_c_fx_cf2_simple(context, armor_key, "kdcchallengearmor",
&client_keys[i], "challengelongterm",
&kdc_challenge_key) == 0)
Modified: trunk/src/lib/krb5/krb/deps
===================================================================
--- trunk/src/lib/krb5/krb/deps 2011-10-06 16:38:35 UTC (rev 25316)
+++ trunk/src/lib/krb5/krb/deps 2011-10-06 19:24:56 UTC (rev 25317)
@@ -732,8 +732,7 @@
preauth_ec.so preauth_ec.po $(OUTPRE)preauth_ec.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/fast_factor.h \
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+ $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
$(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
$(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
$(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
Modified: trunk/src/lib/krb5/krb/preauth_ec.c
===================================================================
--- trunk/src/lib/krb5/krb/preauth_ec.c 2011-10-06 16:38:35 UTC (rev 25316)
+++ trunk/src/lib/krb5/krb/preauth_ec.c 2011-10-06 19:24:56 UTC (rev 25317)
@@ -31,7 +31,6 @@
#include <k5-int.h>
#include <krb5/preauth_plugin.h>
-#include "fast_factor.h"
#include "int-proto.h"
static int
@@ -92,8 +91,8 @@
*/
if (scratch.data)
krb5_free_data_contents(context, &scratch);
- if (retval == 0)
- fast_set_kdc_verified(context, cb, rock);
+ /* If we had a callback to assert that the KDC is verified, we would
+ * call it here. */
if (enc)
krb5_free_enc_data(context, enc);
} else if (retval == 0) { /*No padata; we send*/
Modified: trunk/src/plugins/preauth/pkinit/deps
===================================================================
--- trunk/src/plugins/preauth/pkinit/deps 2011-10-06 16:38:35 UTC (rev 25316)
+++ trunk/src/plugins/preauth/pkinit/deps 2011-10-06 19:24:56 UTC (rev 25317)
@@ -16,8 +16,7 @@
pkinit_srv.so pkinit_srv.po $(OUTPRE)pkinit_srv.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
- $(COM_ERR_DEPS) $(top_srcdir)/include/fast_factor.h \
- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+ $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
$(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
$(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
$(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
@@ -49,11 +48,10 @@
pkinit.h pkinit_accessor.h pkinit_crypto.h pkinit_kdf_constants.c
pkinit_clnt.so pkinit_clnt.po $(OUTPRE)pkinit_clnt.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/fast_factor.h \
- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-platform.h \
- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5/plugin.h \
- $(top_srcdir)/include/krb5/preauth_plugin.h pkcs11.h \
- pkinit.h pkinit_accessor.h pkinit_clnt.c pkinit_crypto.h
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-int-pkinit.h \
+ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \
+ $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
+ pkcs11.h pkinit.h pkinit_accessor.h pkinit_clnt.c pkinit_crypto.h
pkinit_profile.so pkinit_profile.po $(OUTPRE)pkinit_profile.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
Modified: trunk/src/plugins/preauth/pkinit/pkinit_clnt.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_clnt.c 2011-10-06 16:38:35 UTC (rev 25316)
+++ trunk/src/plugins/preauth/pkinit/pkinit_clnt.c 2011-10-06 19:24:56 UTC (rev 25317)
@@ -41,9 +41,6 @@
#include "pkinit.h"
-/* Remove when FAST PKINIT is settled. */
-#include "fast_factor.h"
-
/*
* It is anticipated that all the special checks currently
* required when talking to a Longhorn server will go away
Modified: trunk/src/plugins/preauth/pkinit/pkinit_srv.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_srv.c 2011-10-06 16:38:35 UTC (rev 25316)
+++ trunk/src/plugins/preauth/pkinit/pkinit_srv.c 2011-10-06 19:24:56 UTC (rev 25317)
@@ -37,9 +37,6 @@
#include <k5-int.h>
#include "pkinit.h"
-/* Remove when FAST PKINIT is settled. */
-#include "fast_factor.h"
-
static krb5_error_code
pkinit_init_kdc_req_context(krb5_context, pkinit_kdc_req_context *blob);
More information about the cvs-krb5
mailing list