• R
    More Kerberos SSL changes from Jeffrey Altman <jaltman@columbia.edu> · 882e8912
    Richard Levitte 提交于
    His comments are:
    
    First, it corrects a problem introduced in the last patch where the
    kssl_map_enc() would intentionally return NULL for valid ENCTYPE
    values.  This was done to prevent verification of the kerberos 5
    authenticator from being performed when Derived Key ciphers were
    in use.  Unfortunately, the authenticator verification routine was
    not the only place that function was used.  And it caused core dumps.
    
    Second, it attempt to add to SSL_SESSION the Kerberos 5 Client
    Principal Name.
    882e8912
kssl.c 65.9 KB