OpenAFS Master Repository branch, master, updated. openafs-devel-1_5_76-3878-g9214870
Gerrit Code Review
gerrit@openafs.org
Wed, 24 Jul 2013 08:01:21 -0700 (PDT)
The following commit has been merged in the master branch:
commit 7e4e06b87a09197816b0e1ae132e38dc30090574
Author: Chaskiel Grundman <cg2v@andrew.cmu.edu>
Date: Sun Mar 17 21:58:47 2013 -0400
Derive DES/fcrypt session key from other key types
If a kerberos 5 ticket has a session key with a non-DES enctype,
use the NIST SP800-108 KDF in counter mode with HMAC_MD5 as the PRF to
construct a DES key to be used by rxkad.
To satisfy the requirements of the KDF, DES3 keys are first compressed into a
168 bit form by reversing the RFC3961 random-to-key algorithm
Windows has three additional places to get tokens, who knew?
Change-Id: I4dc8e83a641f9892b31c109fb9025251de3dcb27
src/WINNT/afsd/afskfw.c | 8 +-
src/WINNT/aklog/aklog.c | 10 ++-
src/WINNT/netidmgr_plugin/afsfuncs.c | 11 ++-
src/aklog/aklog.c | 13 ++-
src/libafsrpc/afsrpc.def | 1 +
src/libafsrpc/libafsrpc.la.sym | 1 +
src/rxkad/liboafs_rxkad.la.sym | 1 +
src/rxkad/rxkad_prototypes.h | 6 ++
src/rxkad/ticket5.c | 159 ++++++++++++++++++++++++++++++----
9 files changed, 177 insertions(+), 33 deletions(-)
--
OpenAFS Master Repository