Mon Mar 18 20:56:37 1996 Theodore Y. Ts'o <tytso@dcl>
authorTheodore Tso <tytso@mit.edu>
Tue, 19 Mar 1996 02:33:21 +0000 (02:33 +0000)
committerTheodore Tso <tytso@mit.edu>
Tue, 19 Mar 1996 02:33:21 +0000 (02:33 +0000)
commitcd03be26f1019467b1be10b4f2b2b75265e94aff
treea131d718bb9bcbf7d92872b77e517a1490900cd2
parentba00731f950def3aceed6b5ac6911836b42ed3d5
Mon Mar 18 20:56:37 1996  Theodore Y. Ts'o  <tytso@dcl>

      * kerberos5.c (kerberos5_send): Send in as input the
              authentication type pair (ap->type, ap->way) to be
              checksumed in the authenticator.
              (kerberos5_is): If the checksum is present in the
              authenticator, then validate the authentication type pair
              against the checksum.
              (kerberos5_reply): If we didn't do mutual authentication,
              and we receive a KRB_ACCEPT, then stash away the session
              key anyway.  This way we have a chance of doing encryption
              even if mutual authentication wasn't done.

      * encrypt.c (EncryptStartInput, EncryptStartOutput): Added
              conditional around printf so that these two functions can
              be called by the server.
              (encrypt_is_encrypting): New function which returns true
              only if both sides of the telnet stream is encrypted.

Fri Mar 15 18:19:44 1996  Theodore Y. Ts'o  <tytso@dcl>

      * auth.c: Added new authentication scheme for Krb5 mutual
              authentication with mandatory encryption.
              (auth_send, auth_send_retry): Split auth_send() so that
              the functionality done by auth_send_retry() is separate.
              This avoids a really dodgy pointer comparison which was
              caused by auth_send() being used for two purposes.
              If the client has not requested encryption, then don't
              use the authentication systems which require encryption.
              (auth_must_encrypt):  New function which returns whether
              or not encryption must be negotiated.

      * auth-proto.h: Added prototype for new option
              auth_must_encrypt().

      * Makefile.in (ENCRYPTION, DES_ENCRYPTION): Added defines to turn
              on encryption and des encryption.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7661 dc483132-0cff-0310-8789-dd5450dbe970
src/appl/telnet/libtelnet/ChangeLog
src/appl/telnet/libtelnet/Makefile.in
src/appl/telnet/libtelnet/auth-proto.h
src/appl/telnet/libtelnet/auth.c
src/appl/telnet/libtelnet/enc-proto.h
src/appl/telnet/libtelnet/encrypt.c
src/appl/telnet/libtelnet/kerberos5.c