Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: ghudson@mit.edu
Subject: git commit
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 1055


Support PKINIT OpenSSL deferred identity prompting

Add a password to the set of things that we can pass to a PEM password
callback and the function we use for loading PKCS12 bundles.  If we're
meant to defer identity prompts, just store the name of the identity
which we're loading.  Otherwise, if we're passed a password, use it.
Otherwise, use the prompter callback.

Add a password to the set of things that we can pass to the function
that we use for logging in to PKCS11 tokens, too, but if we're deferring
identity prompts, just return the identity name without doing anything
else.  If not, and we're passed a password, use that.  Otherwise, try to
use the prompter callback to get one.

https://github.com/krb5/krb5/commit/a3abb0bf5fade0009c9899624d4b996a4e12a49f
Author: Nalin Dahyabhai <nalin@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: a3abb0bf5fade0009c9899624d4b996a4e12a49f
Branch: master
 src/plugins/preauth/pkinit/pkinit_crypto_openssl.c |  214 +++++++++++++++-----
 1 files changed, 159 insertions(+), 55 deletions(-)