git.ipfire.org Git - thirdparty/krb5.git/commit

]> git.ipfire.org Git - thirdparty/krb5.git/commit

projects / thirdparty / krb5.git / commit

author	Greg Hudson <ghudson@mit.edu>
	Thu, 5 Apr 2018 20:23:34 +0000 (16:23 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Mon, 9 Apr 2018 15:26:11 +0000 (11:26 -0400)
commit	7a24a088c16d326127dd2b29084d4ca085c70d10
tree	2fee2aa80ebaa979889f28930deca3b0907a5fa0	tree
parent	f240f1b0d324312be8aa59ead7cfbe0c329ed064	commit \| diff

Restrict pre-authentication fallback cases

Add a new callback disable_fallback() and call it from each clpreauth
module when it generates a client message using credentials to
authenticate. (For SPAKE, this is the message responding to a
challenge; for all other current mechanisms, it is the first and only
client message.) If disable_fallback() is called, do not try another
mechanism after a KDC error.

Remove k5_reset_preauth_types_tried() and its call sites, so that
preauth mechanisms which are tried optimistically will no longer be
retried after a failure.

ticket: 8654

14 files changed:

src/include/krb5/clpreauth_plugin.h		diff \| blob \| blame \| history
src/lib/krb5/krb/get_in_tkt.c		diff \| blob \| blame \| history
src/lib/krb5/krb/init_creds_ctx.h		diff \| blob \| blame \| history
src/lib/krb5/krb/int-proto.h		diff \| blob \| blame \| history
src/lib/krb5/krb/preauth2.c		diff \| blob \| blame \| history
src/lib/krb5/krb/preauth_ec.c		diff \| blob \| blame \| history
src/lib/krb5/krb/preauth_encts.c		diff \| blob \| blame \| history
src/lib/krb5/krb/preauth_otp.c		diff \| blob \| blame \| history
src/lib/krb5/krb/preauth_sam2.c		diff \| blob \| blame \| history
src/plugins/preauth/pkinit/pkinit_clnt.c		diff \| blob \| blame \| history
src/plugins/preauth/spake/spake_client.c		diff \| blob \| blame \| history
src/plugins/preauth/test/cltest.c		diff \| blob \| blame \| history
src/tests/t_preauth.py		diff \| blob \| blame \| history
src/tests/t_spake.py		diff \| blob \| blame \| history

Mirror of https://github.com/krb5/krb5.git

RSS Atom