git.ipfire.org Git - thirdparty/krb5.git/commit

author	Greg Hudson <ghudson@mit.edu>
	Mon, 17 Aug 2015 22:26:36 +0000 (18:26 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Thu, 27 Aug 2015 15:55:42 +0000 (11:55 -0400)
commit	1b4bd4e388faa5685aa483fdc2bded02c95350bc
tree	0d83d3a923f8026a1f65a70ab15dcb9262e57d63	tree
parent	426d0bae0ebc8a4d4c6e44dd8953cde2196b5d82	commit \| diff

Add etype-info2 to MORE_PREAUTH_DATA_REQUIRED

A multi-round-trip preauth mechanism may require key information, but
not for the initial message from the client. To support optimistic
preauth for such mechanisms, make the KDC include etype-info2
information in a MORE_PREAUTH_DATA_REQUIRED error if the client didn't
include a PA-FX-COOKIE in its request.

Add optimistic preauth support to the test preauth module and to
etinfo.c, and add a test case to t_etype_info.py to verify that
etype-info2 is included in the optimistic multi-hop scenario.

ticket: 8234 (new)

src/kdc/kdc_preauth.c		diff \| blob \| blame \| history
src/plugins/preauth/test/cltest.c		diff \| blob \| blame \| history
src/plugins/preauth/test/kdctest.c		diff \| blob \| blame \| history
src/tests/etinfo.c		diff \| blob \| blame \| history
src/tests/t_etype_info.py		diff \| blob \| blame \| history