[krbdev.mit.edu #9049] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Thu Jan 27 16:57:38 EST 2022
Thu Jan 27 16:57:38 2022: Request 9049 was acted upon.
Transaction: Ticket created by ghudson at mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson at mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9049 >
Add replace_reply_key kdcpreauth callback
Provide an explicit way for kdcpreauth modules to replace the reply
key, and internally track when the reply key is fully replaced (as
opposed to strengthened by replacing it with a derivative of the
client long-term key). Use this facility in the FAST OTP, PKINIT, and
SPAKE kdcpreauth modules.
https://github.com/krb5/krb5/commit/ff57dc682a27bd205d715f3c0bed84890f2453c4
Author: Greg Hudson <ghudson at mit.edu>
Commit: ff57dc682a27bd205d715f3c0bed84890f2453c4
Branch: master
src/include/krb5/kdcpreauth_plugin.h | 29 +++++++++++++----
src/kdc/do_as_req.c | 5 +--
src/kdc/kdc_preauth.c | 22 ++++++++++++-
src/kdc/kdc_util.h | 1 +
src/plugins/preauth/otp/main.c | 51 +++++++++++++------------------
src/plugins/preauth/pkinit/pkinit_srv.c | 41 +++++++++++++------------
src/plugins/preauth/spake/spake_kdc.c | 24 +++-----------
7 files changed, 92 insertions(+), 81 deletions(-)
More information about the krb5-bugs
mailing list