From: ghudson@mit.edu
Subject: git commit
Replace MD5 use in rcache with SHA-256
The rcache implementation uses an unkeyed MD5 hash of the
authenticator to distinguish between different requests with equal
client principal, server principal, and microsecond time. When the
OpenSSL crypto provider is used and the underlying OpenSSL library is
run in FIPS mode, the MD5 algorithm is disabled and
gss_accept_sec_context() results in an abort in rcache processing.
This change effectively implements a different rcache extension.
The new extension identifier is 'SHA256:' (instead of 'HASH:')
and the new hash algorithm is SHA-256.
https://github.com/krb5/krb5/commit/c546a30c7c9299a419f757768a3349bde09c9cd4
Author: Tomas Kuthan <tkuthan@gmail.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: c546a30c7c9299a419f757768a3349bde09c9cd4
Branch: master
src/lib/krb5/rcache/rc_conv.c | 22 +++++++++++-----------
src/lib/krb5/rcache/rc_dfl.c | 8 ++++----
2 files changed, 15 insertions(+), 15 deletions(-)
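
The following is an added illustration, not code from the krb5 tree or from the commit: a small in-memory model of why the replay cache needs an authenticator hash alongside the (client, server, time) tuple, using the 'HASH:' and 'SHA256:' identifiers from the commit message. The record layout, the class and function names, the 300-second retention window and the sample principals are all assumptions made for the example.

```python
import hashlib
from typing import NamedTuple, Optional

# Extension identifiers quoted in the commit message. The in-memory record
# below is an assumed, simplified layout, not krb5's on-disk rcache format.
TAGS = {"md5": "HASH:", "sha256": "SHA256:"}


class Entry(NamedTuple):
    client: str
    server: str
    ctime: int            # authenticator timestamp, seconds
    cusec: int            # authenticator timestamp, microseconds
    tag: Optional[str]    # extension id + hex digest, or None if untagged


def authenticator_tag(authenticator: bytes, algorithm: str = "sha256") -> str:
    """Unkeyed hash of the authenticator, prefixed with its extension id."""
    return TAGS[algorithm] + hashlib.new(algorithm, authenticator).hexdigest()


class ReplayCache:
    def __init__(self, lifespan: int = 300, use_tag: bool = True):
        self.lifespan = lifespan      # assumed retention window, seconds
        self.use_tag = use_tag
        self._seen = set()

    def store(self, client, server, ctime, cusec, authenticator, now):
        """Record a request; return False if it is a replay."""
        # Expire entries older than the retention window.
        self._seen = {e for e in self._seen if now - e.ctime <= self.lifespan}
        tag = authenticator_tag(authenticator) if self.use_tag else None
        entry = Entry(client, server, ctime, cusec, tag)
        if entry in self._seen:
            return False
        self._seen.add(entry)
        return True


def demo():
    # Constructed sample: two distinct authenticators sharing one timestamp.
    req = ("alice@EXAMPLE.COM", "host/srv@EXAMPLE.COM", 1_700_000_000, 123456)
    a, b = b"authenticator-bytes-A", b"authenticator-bytes-B"
    tagged, untagged = ReplayCache(), ReplayCache(use_tag=False)
    now = req[2] + 1
    return {
        "tagged": [tagged.store(*req, x, now) for x in (a, b, a)],
        "untagged": [untagged.store(*req, x, now) for x in (a, b, a)],
    }
```

With the tag, the second distinct request is accepted and only the true repeat is rejected; without it, the second legitimate request is misreported as a replay.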