diff options
author | Richard Levitte <levitte@openssl.org> | 2000-11-30 22:53:34 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2000-11-30 22:53:34 +0000 |
commit | f9b3bff6f7e38960bb87a5623fbcbc45ee952c49 (patch) | |
tree | 3b5535854e57c4b07894e4775594cf2b50c61628 /ssl/ssl_lib.c | |
parent | fc2e05c2d5c078d1fdf0ee56fc118ea471000a3a (diff) | |
download | openssl-f9b3bff6f7e38960bb87a5623fbcbc45ee952c49.tar.gz |
First tentative impementation of Kerberos 5 cryptos and keys for SSL/TLS. Implemented by Vern Staats <staatsvr@asc.hpc.mil>, further hacked and distributed by Jeffrey Altman <jaltnab@columbia.edu>
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 621d101a9e..866cd182d4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -191,6 +191,10 @@ SSL *SSL_new(SSL_CTX *ctx) if (s == NULL) goto err; memset(s,0,sizeof(SSL)); +#ifndef NO_KRB5 + s->kssl_ctx = kssl_ctx_new(); +#endif /* NO_KRB5 */ + if (ctx->cert != NULL) { /* Earlier library versions used to copy the pointer to @@ -1383,6 +1387,11 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) mask|=SSL_aNULL; emask|=SSL_aNULL; +#ifndef NO_KRB5 + mask|=SSL_kKRB5|SSL_aKRB5; + emask|=SSL_kKRB5|SSL_aKRB5; +#endif + c->mask=mask; c->export_mask=emask; c->valid=1; @@ -1415,6 +1424,11 @@ X509 *ssl_get_server_send_cert(SSL *s) else i=SSL_PKEY_RSA_ENC; } + else if (kalg & SSL_aKRB5) + { + /* VRS something else here? */ + return(NULL); + } else /* if (kalg & SSL_aNULL) */ { SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR); |