krb5 commit: Document key usage assigned number conflict

Zhanna A Tsitkova tsitkova at MIT.EDU
Fri Nov 30 17:24:38 EST 2012 

https://github.com/krb5/krb5/commit/e5b3c98f2bdd5dfea1eee75edca8dcdf4af3bb0b
commit e5b3c98f2bdd5dfea1eee75edca8dcdf4af3bb0b
Author: Zhanna Tsitkov <tsitkova at mit.edu>
Date:   Fri Nov 30 16:54:42 2012 -0500

    Document key usage assigned number conflict
    
    Document the fact that the key usage type 26 is used by both
    KBKRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST and
    KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST, while 27 - by
    KRB5_KEYUSAGE_PA_S4U_X509_USER_REPLY and KRB5_KEYUSAGE_PA_SAM_RESPONSE.
    
    Also, since KRB5_KEYUSAGE_PA_REFERRAL is not actually used in MIT Kerberos
    code and is not defined in the latest referrals draft
    (http://tools.ietf.org/html/draft-ietf-krb-wg-kerberos-referrals-15)
    mark it as "unused".
    
    ticket: 7474
    tags: pullup
    target_version: 1.11

 src/include/krb5/krb5.hin |   21 ++++++++++-----------
 1 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index b83c91c..4b9e595 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -954,22 +954,21 @@ krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype,
 #define KRB5_KEYUSAGE_GSS_TOK_WRAP_INTEG        23
 #define KRB5_KEYUSAGE_GSS_TOK_WRAP_PRIV         24
 
-/* Defined in hardware preauth draft */
-
+/* Defined in Integrating SAM Mechanisms with Kerberos draft */
 #define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM    25
+/** Note conflict with @ref KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST */
 #define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID  26
+/** Note conflict with @ref KRB5_KEYUSAGE_PA_S4U_X509_USER_REPLY */
 #define KRB5_KEYUSAGE_PA_SAM_RESPONSE           27
 
-/* Defined in KDC referrals draft */
-/*
- * @note There is a conflict with the value of @c KRB5_KEYUSAGE_PA_REFERRAL:
- * it is used for hardware Pre-athentication @a and KDC referrals.
- */
-#define KRB5_KEYUSAGE_PA_REFERRAL               26 /**< XXX note conflict */
-
 /* Defined in [MS-SFU] */
-#define KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST  26 /**< XXX note conflict */
-#define KRB5_KEYUSAGE_PA_S4U_X509_USER_REPLY    27 /**< XXX note conflict */
+/** Note conflict with @ref KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID */
+#define KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST  26
+/** Note conflict with @ref KRB5_KEYUSAGE_PA_SAM_RESPONSE */
+#define KRB5_KEYUSAGE_PA_S4U_X509_USER_REPLY    27
+
+/* unused */
+#define KRB5_KEYUSAGE_PA_REFERRAL               26
 
 #define KRB5_KEYUSAGE_AD_SIGNEDPATH             -21
 #define KRB5_KEYUSAGE_IAKERB_FINISHED           42

More information about the cvs-krb5 mailing list