Skip Menu |
 

From: ghudson@mit.edu
Subject: git commit

Add replace_reply_key kdcpreauth callback

Provide an explicit way for kdcpreauth modules to replace the reply
key, and internally track when the reply key is fully replaced (as
opposed to strengthened by replacing it with a derivative of the
client long-term key). Use this facility in the FAST OTP, PKINIT, and
SPAKE kdcpreauth modules.

https://github.com/krb5/krb5/commit/ff57dc682a27bd205d715f3c0bed84890f2453c4
Author: Greg Hudson <ghudson@mit.edu>
Commit: ff57dc682a27bd205d715f3c0bed84890f2453c4
Branch: master
src/include/krb5/kdcpreauth_plugin.h | 29 +++++++++++++----
src/kdc/do_as_req.c | 5 +--
src/kdc/kdc_preauth.c | 22 ++++++++++++-
src/kdc/kdc_util.h | 1 +
src/plugins/preauth/otp/main.c | 51 +++++++++++++------------------
src/plugins/preauth/pkinit/pkinit_srv.c | 41 +++++++++++++------------
src/plugins/preauth/spake/spake_kdc.c | 24 +++-----------
7 files changed, 92 insertions(+), 81 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Remove unneeded SPAKE free_modreq method

Commit ff57dc682a27bd205d715f3c0bed84890f2453c4 removed the use of
per-request module data in SPAKE, but neglected to remove the
corresponding free_modreq method.

https://github.com/krb5/krb5/commit/1465dbd8fc88cf31af3579f09a3148da3b9e1c3e
Author: Greg Hudson <ghudson@mit.edu>
Commit: 1465dbd8fc88cf31af3579f09a3148da3b9e1c3e
Branch: master
src/plugins/preauth/spake/spake_kdc.c | 9 ---------
1 files changed, 0 insertions(+), 9 deletions(-)