diff options
| author | Tom Yu <tlyu@mit.edu> | 2003-05-10 00:01:04 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2003-05-10 00:01:04 +0000 |
| commit | 508e90e51619c79d2680eaeca754d516c7f88fdf (patch) | |
| tree | 99bed617bdb438c95c55d7c265f9ef4beb9e23f3 /src/lib/gssapi | |
| parent | 919b3a91b573c746a62a704fc5cdf883605d6aa9 (diff) | |
| download | krb5-508e90e51619c79d2680eaeca754d516c7f88fdf.tar.gz krb5-508e90e51619c79d2680eaeca754d516c7f88fdf.tar.xz krb5-508e90e51619c79d2680eaeca754d516c7f88fdf.zip | |
Rename the local_subkey and remote_subkey fields in the auth_context
to send_subkey and recv_subkey, respectively. Add new APIs to query
and set these fields. Change the behavior of mk_req_ext, rd_req_dec,
and rd_rep to set both subkeys. Applications wanting to set
unidirectional subkeys may still do so by saving the values of subkeys
and doing overrides. Cause mk_cred, mk_priv, and mk_safe to never use
the recv_subkey. Cause rd_cred, rd_priv, and rd_safe to never use the
send_subkey.
ticket: 1415
status: open
tags: pullup
target_version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15407 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi')
| -rw-r--r-- | src/lib/gssapi/krb5/ChangeLog | 8 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/accept_sec_context.c | 8 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/init_sec_context.c | 4 |
3 files changed, 14 insertions, 6 deletions
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index 47f718d16..008821022 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,11 @@ +2003-05-09 Tom Yu <tlyu@mit.edu> + + * accept_sec_context.c (krb5_gss_accept_sec_context): Rename + remote_subkey -> recv_subkey. + + * init_sec_context.c (krb5_gss_init_sec_context): Rename + local_subkey -> send_subkey. + 2003-03-14 Sam Hartman <hartmans@mit.edu> * accept_sec_context.c (krb5_gss_accept_sec_context): Set diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index a004acb22..4cc0651af 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -101,8 +101,8 @@ rd_and_store_for_creds(context, auth_context, inbuf, out_cred) * By the time krb5_rd_cred is called here (after krb5_rd_req has been * called in krb5_gss_accept_sec_context), the "keyblock" field of * auth_context contains a pointer to the session key, and the - * "remote_subkey" field might contain a session subkey. Either of - * these (the "remote_subkey" if it isn't NULL, otherwise the + * "recv_subkey" field might contain a session subkey. Either of + * these (the "recv_subkey" if it isn't NULL, otherwise the * "keyblock") might have been used to encrypt the encrypted part of * the KRB_CRED message that contains the forwarded credentials. (The * Java Crypto and Security Implementation from the DSTC in Australia @@ -592,8 +592,8 @@ krb5_gss_accept_sec_context(minor_status, context_handle, goto fail; } - if ((code = krb5_auth_con_getremotesubkey(context, auth_context, - &ctx->subkey))) { + if ((code = krb5_auth_con_getrecvsubkey(context, auth_context, + &ctx->subkey))) { major_status = GSS_S_FAILURE; goto fail; } diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index ba630f1eb..ed3631152 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -572,8 +572,8 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, krb5_auth_con_getlocalseqnumber(context, ctx->auth_context, &ctx->seq_send); - krb5_auth_con_getlocalsubkey(context, ctx->auth_context, - &ctx->subkey); + krb5_auth_con_getsendsubkey(context, ctx->auth_context, + &ctx->subkey); /* fill in the encryption descriptors */ |