]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e12e890) | patch
Track first local TGT key in KDC code 971/head
authorGreg Hudson <ghudson@mit.edu>
Thu, 22 Aug 2019 06:04:28 +0000 (02:04 -0400)
committerGreg Hudson <ghudson@mit.edu>
Tue, 27 Aug 2019 00:04:01 +0000 (20:04 -0400)
commit570967e11bd5ea60a82fc8157ad7d07602402ebb
treeea005588844eaded2a4b38d387cb86d32fbd47cetree
parente12e890f063f41bf8aef45e44a3ee329f64139d2commit | diff
Track first local TGT key in KDC code

Decrypt the first local TGT key in get_local_tgt() and save it in the
AS and TGS processing functions.  (As we now sort key data by
descending kvno, this is guaranteed to be the most recent key.)  Pass
this key to the authdata and FAST cookie functions to simplify cookie
encryption and authdata signing.  Decryption and verification
functions must still sometimes decrypt earlier keys to process tickets
predating the last local TGT key rollover.
src/kdc/cammac.c diff | blob | blame | history
src/kdc/do_as_req.c diff | blob | blame | history
src/kdc/do_tgs_req.c diff | blob | blame | history
src/kdc/fast_util.c diff | blob | blame | history
src/kdc/kdc_authdata.c diff | blob | blame | history
src/kdc/kdc_util.c diff | blob | blame | history
src/kdc/kdc_util.h diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git