[krbdev.mit.edu #7680] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Thu Jul 18 00:58:54 EDT 2013
Split pkinit_identity_initialize into two phases
Split part of pkinit_identity_initialize() into a second piece named
pkinit_identity_prompt(). Have each piece pass a new boolean flag to
crypto_load_certs() to indicate if it should defer prompting for a
password/PIN for client identities that require one. If the flag isn't
set, then crypto_load_certs() should attempt to use a responder-supplied
value, or call the prompter if there isn't one.
https://github.com/krb5/krb5/commit/60426439f672fe273ceead17910f818da1954c5b
Author: Nalin Dahyabhai <nalin at redhat.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: 60426439f672fe273ceead17910f818da1954c5b
Branch: master
src/plugins/preauth/pkinit/pkinit.h | 10 +++
src/plugins/preauth/pkinit/pkinit_clnt.c | 26 +++++++--
src/plugins/preauth/pkinit/pkinit_crypto.h | 3 +-
src/plugins/preauth/pkinit/pkinit_crypto_nss.c | 3 +-
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 3 +-
src/plugins/preauth/pkinit/pkinit_identity.c | 60 ++++++++++++++++++--
src/plugins/preauth/pkinit/pkinit_srv.c | 7 ++-
7 files changed, 97 insertions(+), 15 deletions(-)
More information about the krb5-bugs
mailing list