[krbdev.mit.edu #8603] git commit

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
Report Content as Inappropriate

[krbdev.mit.edu #8603] git commit

Greg Hudson via RT

Remove incomplete PKINIT OCSP support

pkinit_kdc_ocsp is non-functional in the PKINIT OpenSSL crypto
implementation, so remove most traces of it, including its man page
entry.  If it is present in kdc.conf, error out of PKINIT
initialization instead of silently ignoring the realm entirely.

Author: Robbie Harwood <[hidden email]>
Committer: Greg Hudson <[hidden email]>
Commit: 3ff426b9048a8024e5c175256c63cd0ad0572320
Branch: master
 doc/admin/conf_files/kdc_conf.rst            |    3 ---
 src/man/kdc.conf.man                         |    3 ---
 src/plugins/preauth/pkinit/pkinit.h          |    2 +-
 src/plugins/preauth/pkinit/pkinit_identity.c |   11 -----------
 src/plugins/preauth/pkinit/pkinit_srv.c      |   12 ++++++++++--
 5 files changed, 11 insertions(+), 20 deletions(-)

krb5-bugs mailing list
[hidden email]