[krbdev.mit.edu #8569] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Mon Apr 10 11:46:12 EDT 2017
Add support to query the SSF of a GSS context
Cyrus SASL provides a Security Strength Factor number to assess the
relative "strength" of the negotiated mechanism, and applications
sometimes make access control decisions based on it.
Add a call that allows us to query the mechanism that established the
GSS security context to ask what is the current SSF, based on the
enctype of the session key.
https://github.com/krb5/krb5/commit/7feb7da54c0321b5a3eeb6c3797846a3cf7eda28
Author: Simo Sorce <simo at redhat.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: 7feb7da54c0321b5a3eeb6c3797846a3cf7eda28
Branch: master
src/include/k5-int.h | 1 +
src/lib/crypto/krb/crypto_int.h | 1 +
src/lib/crypto/krb/enctype_util.c | 16 +++++++++++++++
src/lib/crypto/krb/etypes.c | 33 ++++++++++++++++--------------
src/lib/crypto/libk5crypto.exports | 1 +
src/lib/gssapi/generic/gssapi_ext.h | 11 ++++++++++
src/lib/gssapi/generic/gssapi_generic.c | 9 ++++++++
src/lib/gssapi/krb5/gssapiP_krb5.h | 6 +++++
src/lib/gssapi/krb5/gssapi_krb5.c | 4 +++
src/lib/gssapi/krb5/inq_context.c | 27 +++++++++++++++++++++++++
src/lib/gssapi/libgssapi_krb5.exports | 1 +
src/lib/gssapi32.def | 1 +
src/lib/krb5_32.def | 3 ++
src/tests/gssapi/t_enctypes.c | 14 +++++++++++++
14 files changed, 113 insertions(+), 15 deletions(-)
More information about the krb5-bugs
mailing list