krb5.git - MIT Kerberos patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	Use k5_setmsg	Greg Hudson	2014-06-05	1	-6/+4
\| \| \| \| \| \|	Replace most calls to krb5_set_error_message with k5_setmsg for brevity. Leave alone plugin sources where we don't include k5-int.h (mostly PKINIT).
*	Check for keys in encrypted timestamp/challenge	Greg Hudson	2013-05-03	1	-1/+6
\| \| \| \| \| \| \| \|	Encrypted timestamp and encrypted challenge cannot succeed if the client has no long-term key matching the request enctypes, so do not offer them in that case. ticket: 7630
*	Separate clpreauth and kdcpreauth interfaces	Greg Hudson	2012-12-19	1	-1/+1
\| \| \| \| \| \| \|	Since there is no overlap between the clpreauth and kdcpreauth interface declarations, there's no particular reason to combine them into one header. For backward compatibility and convenience, leave behind a preauth_plugin.h which includes both.
*	Make kdcpreauth edata method respond via callback	Greg Hudson	2011-10-15	1	-4/+4
\| \| \| \| \| \|	From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25348 dc483132-0cff-0310-8789-dd5450dbe970
*	Minor cleanups to encrypted challenge	Greg Hudson	2011-10-07	1	-22/+24
\| \| \| \|	git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25320 dc483132-0cff-0310-8789-dd5450dbe970
*	Ditch fast_factor.h since it contains only stubs	Greg Hudson	2011-10-06	1	-2/+0
\| \| \| \| \| \| \| \|	Leave a comment behind where we called fast_set_kdc_verified(). Remove the call to fast_kdc_replace_reply_key() since it's wrong (encrypted challenge doesn't replace the reply key in that sense). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25317 dc483132-0cff-0310-8789-dd5450dbe970
*	Use type-safe callbacks in preauth interface	Greg Hudson	2011-10-06	1	-33/+11
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Replace the generic get_data functions in clpreauth and kdcpreauth with structures containing callback functions. Each structure has a minor version number to allow adding new callbacks. For simplicity, the new fast armor key callbacks return aliases, which is how we would supply the armor key as a function parameter. The new client keys callback is paired with a free_keys callback to reduce the amount of cleanup code needed in modules. ticket: 6971 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25315 dc483132-0cff-0310-8789-dd5450dbe970
*	Use an opaque handle in the kdcpreauth callback	Greg Hudson	2011-10-05	1	-20/+13
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Instead of passing a request and entry to the kdcpreauth get_data callback, pass an opaque handle. Remove DB entry and key data parameters from kdcpreauth methods (but keep the request, since that's transparent). The SecurID plugin links against libkdb5 and needs access to the client DB entry. Rather than continue to pass a DB entry to kdcpreauth methods, add a get_data callback to get the client DB entry for the few plugins which might need it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25300 dc483132-0cff-0310-8789-dd5450dbe970
*	Make kdcpreauth verify respond via callback	Greg Hudson	2011-10-03	1	-5/+7
\| \| \| \| \| \|	From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25294 dc483132-0cff-0310-8789-dd5450dbe970
*	Don't use accessor in encrypted challenge	Greg Hudson	2011-09-24	1	-15/+9
\| \| \| \| \| \| \|	Now that the encrypted challenge code is linked into libkrb5 and the KDC, it's unnecessary to use the accessor there. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25229 dc483132-0cff-0310-8789-dd5450dbe970
*	Recast encrypted challenge as linked built-ins	Greg Hudson	2011-09-23	1	-0/+244
	Since it has no external dependencies, split up encrypted preauth into clpreauth and kdcpreauth chunks and link them directly into the consumers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25227 dc483132-0cff-0310-8789-dd5450dbe970