OpenAFS Master Repository branch, openafs-devel-1_7_x, updated. openafs-devel-1_7_25-44-g46b1871

Gerrit Code Review gerrit@openafs.org
Wed, 24 Jul 2013 08:06:14 -0700 (PDT)


The following commit has been merged in the openafs-devel-1_7_x branch:
commit 7dea66612a8962ece37bde3c6fb1a857994314ef
Author: Chaskiel Grundman <cg2v@andrew.cmu.edu>
Date:   Sun Mar 17 21:58:47 2013 -0400

    Derive DES/fcrypt session key from other key types
    
    If a kerberos 5 ticket has a session key with a non-DES enctype,
    use the NIST SP800-108 KDF in counter mode with HMAC_MD5 as the PRF to
    construct a DES key to be used by rxkad.
    
    To satisfy the requirements of the KDF, DES3 keys are first compressed into a
    168 bit form by reversing the RFC3961 random-to-key algorithm
    
    Windows has three additional places to get tokens, who knew?
    
    (cherry-picked from 7e4e06b87a09197816b0e1ae132e38dc30090574)
    
    Change-Id: I4dc8e83a641f9892b31c109fb9025251de3dcb27

 src/WINNT/afsd/afskfw.c              |    8 ++-
 src/WINNT/aklog/aklog.c              |   12 ++-
 src/WINNT/netidmgr_plugin/afsfuncs.c |   11 ++-
 src/aklog/aklog.c                    |   13 ++-
 src/libafsrpc/afsrpc.def             |    1 +
 src/rxkad/rxkad_prototypes.h         |    6 ++
 src/rxkad/ticket5.c                  |  159 ++++++++++++++++++++++++++++++----
 7 files changed, 179 insertions(+), 31 deletions(-)

-- 
OpenAFS Master Repository