Add message hash support to the replay interface, using extension
authorGreg Hudson <ghudson@mit.edu>
Mon, 12 Jan 2009 18:29:42 +0000 (18:29 +0000)
committerGreg Hudson <ghudson@mit.edu>
Mon, 12 Jan 2009 18:29:42 +0000 (18:29 +0000)
commit529e72785f09c36a9aa34fd7f3fc30fb41a1c92e
treef3eabb982f7d8eb8cedf54fa4389d8ccc99ebd19
parent648e32a9034138369d52f9bb29d3d6293d5733e5
Add message hash support to the replay interface, using extension
records (with an empty client string) to retain compatibility with old
code.  For rd_req, the ciphertext of the authenticator (with no ASN.1
wrapping) is hashed; for other uses of the replay cache, no message
hash is used at this time.

This commit adds a command-line tool for testing the replay cache but
does not add any automated tests.

ticket: 1201

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21723 dc483132-0cff-0310-8789-dd5450dbe970
15 files changed:
src/include/k5-int.h
src/kdc/kdc_preauth.c
src/lib/krb5/krb/mk_cred.c
src/lib/krb5/krb/mk_priv.c
src/lib/krb5/krb/mk_safe.c
src/lib/krb5/krb/rd_cred.c
src/lib/krb5/krb/rd_priv.c
src/lib/krb5/krb/rd_req_dec.c
src/lib/krb5/krb/rd_safe.c
src/lib/krb5/libkrb5.exports
src/lib/krb5/rcache/Makefile.in
src/lib/krb5/rcache/rc_conv.c
src/lib/krb5/rcache/rc_dfl.c
src/lib/krb5/rcache/t_replay.c [new file with mode: 0644]
src/tests/threads/t_rcache.c