[krbdev.mit.edu #7680] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Thu Jul 18 00:59:05 EDT 2013
Add tests for PKINIT using responder functionality
We now also test that the PKINIT challenge looks like we expect it to
look, that PKINIT fails if we don't provide a response or a prompter
callback, and that PKINIT succeeds with a response provided using either
the raw responder API or the PKINIT responder functions.
One thing that we don't check is which specific error code we get when
PKINIT fails: the OpenSSL and NSS versions return different error codes
(some mixture of EIO, ENOMEM, ENOENT, and KRB5KDC_ERR_PREAUTH_FAILED)
when they encounter trouble loading client credentials.
https://github.com/krb5/krb5/commit/d3d07c3b2f3710c520af5698c096f124cc90f916
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: d3d07c3b2f3710c520af5698c096f124cc90f916
Branch: master
src/tests/t_authpkinit.py | 160 +++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 160 insertions(+), 0 deletions(-)
More information about the krb5-bugs
mailing list