]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a1dc81d) | patch
Avoid draft 9 fallback after PKINIT failure 605/head
authorGreg Hudson <ghudson@mit.edu>
Tue, 7 Feb 2017 18:12:24 +0000 (13:12 -0500)
committerGreg Hudson <ghudson@mit.edu>
Thu, 9 Feb 2017 16:05:00 +0000 (11:05 -0500)
commit0963fa5f0d01d81d3c4088088b94c455f033e921
tree226af753279f5a281727ef2e36dfdd395cf750e5tree
parenta1dc81d22304e77edaa8388c7d7d75cade81dc80commit | diff
Avoid draft 9 fallback after PKINIT failure

If a KDC offers both RFC 4556 and draft 9 PKINIT, and we experience a
client-side failure trying RFC 4556 PKINIT (e.g. due to the user
entering the wrong PKCS #11 PIN), do not try to use draft 9 PKINIT.

ticket: 8544
src/plugins/preauth/pkinit/pkinit.h diff | blob | blame | history
src/plugins/preauth/pkinit/pkinit_clnt.c diff | blob | blame | history
src/plugins/preauth/pkinit/pkinit_trace.h diff | blob | blame | history
src/tests/t_pkinit.py diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git