[krbdev.mit.edu #8234] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Thu Aug 27 12:06:55 EDT 2015
Add etype-info2 to MORE_PREAUTH_DATA_REQUIRED
A multi-round-trip preauth mechanism may require key information, but
not for the initial message from the client. To support optimistic
preauth for such mechanisms, make the KDC include etype-info2
information in a MORE_PREAUTH_DATA_REQUIRED error if the client didn't
include a PA-FX-COOKIE in its request.
Add optimistic preauth support to the test preauth module and to
etinfo.c, and add a test case to t_etype_info.py to verify that
etype-info2 is included in the optimistic multi-hop scenario.
https://github.com/krb5/krb5/commit/1b4bd4e388faa5685aa483fdc2bded02c95350bc
Author: Greg Hudson <ghudson at mit.edu>
Commit: 1b4bd4e388faa5685aa483fdc2bded02c95350bc
Branch: master
src/kdc/kdc_preauth.c | 52 ++++++++++++++++++++++++++++++++++++
src/plugins/preauth/test/cltest.c | 17 +++++++++++-
src/plugins/preauth/test/kdctest.c | 11 +++++---
src/tests/etinfo.c | 22 +++++++++++---
src/tests/t_etype_info.py | 12 ++++++++
5 files changed, 104 insertions(+), 10 deletions(-)
More information about the krb5-bugs
mailing list