Skip Menu |

Subject: git commit


A multi-round-trip preauth mechanism may require key information, but
not for the initial message from the client. To support optimistic
preauth for such mechanisms, make the KDC include etype-info2
information in a MORE_PREAUTH_DATA_REQUIRED error if the client didn't
include a PA-FX-COOKIE in its request.

Add optimistic preauth support to the test preauth module and to
etinfo.c, and add a test case to to verify that
etype-info2 is included in the optimistic multi-hop scenario.
Author: Greg Hudson <>
Commit: 1b4bd4e388faa5685aa483fdc2bded02c95350bc
Branch: master
src/kdc/kdc_preauth.c | 52 ++++++++++++++++++++++++++++++++++++
src/plugins/preauth/test/cltest.c | 17 +++++++++++-
src/plugins/preauth/test/kdctest.c | 11 +++++---
src/tests/etinfo.c | 22 +++++++++++---
src/tests/ | 12 ++++++++
5 files changed, 104 insertions(+), 10 deletions(-)