[krbdev.mit.edu #7355] SVN Commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Tue Sep 11 01:08:12 EDT 2012
Add responder feature for initial cred exchanges
Add new APIs:
* krb5_get_init_creds_opt_set_responder
* krb5_responder_get_challenge
* krb5_responder_list_questions
* krb5_responder_set_answer
If a caller sets a responder, it will be invoked after preauth modules
have had a chance to review their incoming padata but before they produce
outgoing padata. The responder will be presented a set of questions with
optional challenges. The responder should then answer all questions it knows
how to handle. Both the answers and the challenges are printable UTF-8 and
may contain encoded, structured data specific to the question asked.
Add two new callbacks and one optional method to the clpreauth
interface. The new method (prep_questions) allows modules to ask questions
by setting them in the responder context using one of the new callbacks
(ask_responder_question). The other new callback (get_responder_answer) is
used by the process method to read the answers to the questions asked.
https://github.com/krb5/krb5/commit/43f507711689a71d3aaec8696721b8c981f8428e
Author: Nathaniel McCallum <npmccallum at redhat.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: 43f507711689a71d3aaec8696721b8c981f8428e
Branch: master
.gitignore | 1 +
src/include/k5-int.h | 8 ++
src/include/krb5/krb5.hin | 71 ++++++++++++
src/include/krb5/preauth_plugin.h | 37 ++++++-
src/lib/krb5/krb/Makefile.in | 12 ++-
src/lib/krb5/krb/get_in_tkt.c | 6 +
src/lib/krb5/krb/gic_opt.c | 17 +++
src/lib/krb5/krb/init_creds_ctx.h | 1 +
src/lib/krb5/krb/int-proto.h | 31 +++++
src/lib/krb5/krb/preauth2.c | 103 ++++++++++++++++-
src/lib/krb5/krb/response_items.c | 212 +++++++++++++++++++++++++++++++++++
src/lib/krb5/krb/t_response_items.c | 94 +++++++++++++++
src/lib/krb5/libkrb5.exports | 4 +
src/lib/krb5_32.def | 4 +
14 files changed, 595 insertions(+), 6 deletions(-)
More information about the krb5-bugs
mailing list