Skip Menu |
 

From: ghudson@mit.edu
Subject: git commit
Download (untitled) / with headers
text/plain 1.4KiB

Add support to query the SSF of a GSS context

Cyrus SASL provides a Security Strength Factor number to assess the
relative "strength" of the negotiated mechanism, and applications
sometimes make access control decisions based on it.

Add a call that allows us to query the mechanism that established the
GSS security context to ask what is the current SSF, based on the
enctype of the session key.

https://github.com/krb5/krb5/commit/7feb7da54c0321b5a3eeb6c3797846a3cf7eda28
Author: Simo Sorce <simo@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 7feb7da54c0321b5a3eeb6c3797846a3cf7eda28
Branch: master
src/include/k5-int.h | 1 +
src/lib/crypto/krb/crypto_int.h | 1 +
src/lib/crypto/krb/enctype_util.c | 16 +++++++++++++++
src/lib/crypto/krb/etypes.c | 33 ++++++++++++++++--------------
src/lib/crypto/libk5crypto.exports | 1 +
src/lib/gssapi/generic/gssapi_ext.h | 11 ++++++++++
src/lib/gssapi/generic/gssapi_generic.c | 9 ++++++++
src/lib/gssapi/krb5/gssapiP_krb5.h | 6 +++++
src/lib/gssapi/krb5/gssapi_krb5.c | 4 +++
src/lib/gssapi/krb5/inq_context.c | 27 +++++++++++++++++++++++++
src/lib/gssapi/libgssapi_krb5.exports | 1 +
src/lib/gssapi32.def | 1 +
src/lib/krb5_32.def | 3 ++
src/tests/gssapi/t_enctypes.c | 14 +++++++++++++
14 files changed, 113 insertions(+), 15 deletions(-)