git.ipfire.org Git - thirdparty/krb5.git/commit

author	Nalin Dahyabhai <nalin@dahyabhai.net>
	Thu, 24 Apr 2014 20:30:56 +0000 (16:30 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Mon, 2 Jun 2014 21:59:14 +0000 (17:59 -0400)
commit	d950809ff49e3e7603594186d77135a09ab6b1b2
tree	aabcc959fcc9120277439b4911456960aac060df	tree
parent	606e2ccc0a2546a23761f910482a55c5bf0f98ac	commit \| diff

HTTPS transport (Microsoft KKDCPP implementation)

Add an 'HTTPS' transport type which connects to an [MS-KKDCP] proxy
server using HTTPS to communicate with a KDC. The KDC's name should
take the form of an HTTPS URL (e.g. "https://proxybox/KdcProxy").

An HTTPS connection's encryption layer can be reading and writing when
the application layer is expecting to write and read, so the HTTPS
callbacks have to handle being called multiple times.

[nalin@redhat.com: use cleanup labels, make sure we always send the
realm name, keep a copy of the URI on-hand, move most of the
conditionally-compiled sections into their own conditionally-built
functions, break out HTTPS request formatting into a helper function,
handle the MS-KKDCP length bytes, update comments to mention specific
versions of the MS-KKDCP spec, differentiate TCP and HTTP trace
messages, trace unparseable responses]

ticket: 7929

src/include/k5-trace.h		diff \| blob \| blame \| history
src/lib/krb5/os/locate_kdc.c		diff \| blob \| blame \| history
src/lib/krb5/os/os-proto.h		diff \| blob \| blame \| history
src/lib/krb5/os/sendto_kdc.c		diff \| blob \| blame \| history
src/lib/krb5/os/t_locate_kdc.c		diff \| blob \| blame \| history
src/lib/krb5/os/trace.c		diff \| blob \| blame \| history