commit f9b3bff6f7e38960bb87a5623fbcbc45ee952c49
author Richard Levitte <levitte@openssl.org> Thu Nov 30 22:53:34 2000 +0000
committer Richard Levitte <levitte@openssl.org> Thu Nov 30 22:53:34 2000 +0000
tree 3b5535854e57c4b07894e4775594cf2b50c61628
parent fc2e05c2d5c078d1fdf0ee56fc118ea471000a3a

First tentative impementation of Kerberos 5 cryptos and keys for SSL/TLS.  Implemented by Vern Staats <staatsvr@asc.hpc.mil>, further hacked and distributed by Jeffrey Altman <jaltnab@columbia.edu>

ssl/ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 621d101..866cd18 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -191,6 +191,10 @@
 	if (s == NULL) goto err;
 	memset(s,0,sizeof(SSL));
 
+#ifndef	NO_KRB5
+	s->kssl_ctx = kssl_ctx_new();
+#endif	/* NO_KRB5 */
+
 	if (ctx->cert != NULL)
 		{
 		/* Earlier library versions used to copy the pointer to
@@ -1383,6 +1387,11 @@
 	mask|=SSL_aNULL;
 	emask|=SSL_aNULL;
 
+#ifndef NO_KRB5
+	mask|=SSL_kKRB5|SSL_aKRB5;
+	emask|=SSL_kKRB5|SSL_aKRB5;
+#endif
+
 	c->mask=mask;
 	c->export_mask=emask;
 	c->valid=1;
@@ -1415,6 +1424,11 @@
 		else
 			i=SSL_PKEY_RSA_ENC;
 		}
+	else if (kalg & SSL_aKRB5)
+		{
+		/* VRS something else here? */
+		return(NULL);
+		}
 	else /* if (kalg & SSL_aNULL) */
 		{
 		SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR);