diff options
author | Richard Levitte <levitte@openssl.org> | 2001-07-09 21:46:58 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2001-07-09 21:46:58 +0000 |
commit | 2a1ef754358e35c8e86df903e0a2f92c35a550d0 (patch) | |
tree | 6ac406a5043c584c2ce0912d35192c3c30376f67 /ssl/ssl_err.c | |
parent | c148d7097811c18f277a8559753c770f4ff85771 (diff) |
Patches from Vern Staats <staatsvr@asc.hpc.mil> to get Kerberos 5 in
SSL according to RFC 2712. His comment is:
This is a patch to openssl-SNAP-20010702 to support Kerberized SSL
authentication. I'm expecting to have the full kssl-0.5 kit up on
sourceforge by the end of the week. The full kit includes patches
for mod-ssl, apache, and a few text clients. The sourceforge URL
is http://sourceforge.net/projects/kssl/ .
Thanks to a note from Simon Wilkinson I've replaced my KRB5 AP_REQ
message with a real KerberosWrapper struct. I think this is fully
RFC 2712 compliant now, including support for the optional
authenticator field. I also added openssl-style ASN.1 macros for
a few Kerberos structs; see crypto/krb5/ if you're interested.
Diffstat (limited to 'ssl/ssl_err.c')
-rw-r--r-- | ssl/ssl_err.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 481481b666..26410b9b2a 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -273,13 +273,17 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_INVALID_COMMAND ,"invalid command"}, {SSL_R_INVALID_PURPOSE ,"invalid purpose"}, {SSL_R_INVALID_TRUST ,"invalid trust"}, -{SSL_R_KRB5_C_CC_PRINC ,"krb5 c cc princ"}, -{SSL_R_KRB5_C_GET_CRED ,"krb5 c get cred"}, -{SSL_R_KRB5_C_INIT ,"krb5 c init"}, -{SSL_R_KRB5_C_MK_REQ ,"krb5 c mk req"}, -{SSL_R_KRB5_S_BAD_TICKET ,"krb5 s bad ticket"}, -{SSL_R_KRB5_S_INIT ,"krb5 s init"}, -{SSL_R_KRB5_S_RD_REQ ,"krb5 s rd req"}, +{SSL_R_KRB5 ,"krb5"}, +{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"}, +{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"}, +{SSL_R_KRB5_C_INIT ,"krb5 client init"}, +{SSL_R_KRB5_C_MK_REQ ,"krb5 client mk_req (expired tkt?)"}, +{SSL_R_KRB5_S_BAD_TICKET ,"krb5 server bad ticket"}, +{SSL_R_KRB5_S_INIT ,"krb5 server init"}, +{SSL_R_KRB5_S_RD_REQ ,"krb5 server rd_req (keytab perms?)"}, +{SSL_R_KRB5_S_TKT_EXPIRED ,"krb5 server tkt expired"}, +{SSL_R_KRB5_S_TKT_NYV ,"krb5 server tkt not yet valid"}, +{SSL_R_KRB5_S_TKT_SKEW ,"krb5 server tkt skew"}, {SSL_R_LENGTH_MISMATCH ,"length mismatch"}, {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, {SSL_R_LIBRARY_BUG ,"library bug"}, |