diff options
| author | Richard Levitte <levitte@openssl.org> | 2001-07-09 21:46:58 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2001-07-09 21:46:58 +0000 |
| commit | 2a1ef754358e35c8e86df903e0a2f92c35a550d0 (patch) | |
| tree | 6ac406a5043c584c2ce0912d35192c3c30376f67 /ssl/ssl.h | |
| parent | c148d7097811c18f277a8559753c770f4ff85771 (diff) | |
| download | openssl-2a1ef754358e35c8e86df903e0a2f92c35a550d0.tar.gz | |
Patches from Vern Staats <staatsvr@asc.hpc.mil> to get Kerberos 5 in
SSL according to RFC 2712. His comment is:
This is a patch to openssl-SNAP-20010702 to support Kerberized SSL
authentication. I'm expecting to have the full kssl-0.5 kit up on
sourceforge by the end of the week. The full kit includes patches
for mod-ssl, apache, and a few text clients. The sourceforge URL
is http://sourceforge.net/projects/kssl/ .
Thanks to a note from Simon Wilkinson I've replaced my KRB5 AP_REQ
message with a real KerberosWrapper struct. I think this is fully
RFC 2712 compliant now, including support for the optional
authenticator field. I also added openssl-style ASN.1 macros for
a few Kerberos structs; see crypto/krb5/ if you're interested.
Diffstat (limited to 'ssl/ssl.h')
| -rw-r--r-- | ssl/ssl.h | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -1459,13 +1459,17 @@ void ERR_load_SSL_strings(void); #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_PURPOSE 278 #define SSL_R_INVALID_TRUST 279 +#define SSL_R_KRB5 1104 #define SSL_R_KRB5_C_CC_PRINC 1094 #define SSL_R_KRB5_C_GET_CRED 1095 #define SSL_R_KRB5_C_INIT 1096 #define SSL_R_KRB5_C_MK_REQ 1097 #define SSL_R_KRB5_S_BAD_TICKET 1098 #define SSL_R_KRB5_S_INIT 1099 -#define SSL_R_KRB5_S_RD_REQ 1100 +#define SSL_R_KRB5_S_RD_REQ 1108 +#define SSL_R_KRB5_S_TKT_EXPIRED 1105 +#define SSL_R_KRB5_S_TKT_NYV 1106 +#define SSL_R_KRB5_S_TKT_SKEW 1107 #define SSL_R_LENGTH_MISMATCH 159 #define SSL_R_LENGTH_TOO_SHORT 160 #define SSL_R_LIBRARY_BUG 274 |