generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

make kerberos work with OPENSSL_NO_SSL_INTERN

Browse Source
This commit is contained in:
Dr. Stephen Henson
2011-05-11 22:52:34 +00:00
parent 9472baae0d
commit 39348038df
4 changed files with 45 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
apps/s_server.c
View File

@@ -1861,6 +1861,9 @@ static int sv_body(char *hostname, int s, unsigned char *context)
unsigned long l;
SSL *con=NULL;
BIO *sbio;
#ifndef OPENSSL_NO_KRB5
KSSL_CTX *kctx;
#endif
struct timeval timeout;
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
struct timeval tv;
@@ -1901,12 +1904,11 @@ static int sv_body(char *hostname, int s, unsigned char *context)
}
#endif
#ifndef OPENSSL_NO_KRB5
if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
if ((kctx = kssl_ctx_new()) != NULL)
{
kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE,
KRB5SVC);
kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB,
KRB5KEYTAB);
SSL_set0_kssl_ctx(con, kctx);
kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
}
#endif /* OPENSSL_NO_KRB5 */
if(context)
@@ -2299,10 +2301,11 @@ static int init_ssl_connection(SSL *con)
TLS1_FLAGS_TLS_PADDING_BUG)
BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n");
#ifndef OPENSSL_NO_KRB5
if (con->kssl_ctx->client_princ != NULL)
client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
if (client_princ != NULL)
{
BIO_printf(bio_s_out,"Kerberos peer principal is %s\n",
con->kssl_ctx->client_princ);
client_princ);
}
#endif /* OPENSSL_NO_KRB5 */
BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
@@ -2324,6 +2327,9 @@ err:
return(ret);
}
#endif
#ifndef OPENSSL_NO_KRB5
char *client_princ;
#endif
#if 0
static int load_CA(SSL_CTX *ctx, char *file)
@@ -2354,6 +2360,9 @@ static int www_body(char *hostname, int s, unsigned char *context)
SSL *con;
const SSL_CIPHER *c;
BIO *io,*ssl_bio,*sbio;
#ifndef OPENSSL_NO_KRB5
KSSL_CTX *kctx;
#endif
buf=OPENSSL_malloc(bufsize);
if (buf == NULL) return(0);
@@ -2385,10 +2394,10 @@ static int www_body(char *hostname, int s, unsigned char *context)
}
#endif
#ifndef OPENSSL_NO_KRB5
if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
if ((kctx = kssl_ctx_new()) != NULL)
{
kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC);
kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB);
kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
}
#endif /* OPENSSL_NO_KRB5 */
if(context) SSL_set_session_id_context(con, context,