]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0619c9e) | patch
auth/cephx: modify client + server challenges hashing
authorYehuda Sadeh <ysadehwe@ibm.com>
Thu, 27 Feb 2025 21:14:06 +0000 (16:14 -0500)
committerPatrick Donnelly <pdonnell@ibm.com>
Mon, 26 Jan 2026 15:26:26 +0000 (10:26 -0500)
commit14e4306652720c1219315adb7b835e3e7a510ba5
tree2b71e28d83e9e3c151d271fa67ca2ac2c3819938tree | snapshot
parent0619c9e52311ef364b7062aabe2ddbfb5b8461f2commit | diff
auth/cephx: modify client + server challenges hashing

This applies when using ciphers that are not the original
AES-128 one. Use the hmac-sha256 hash now. With AES256KRB5
the original method of encrypting the combined challenges
doesn't work as the confounder randomizes the result.

Signed-off-by: Yehuda Sadeh <ysadehwe@ibm.com>
src/auth/Crypto.cc diff | blob | history
src/auth/Crypto.h diff | blob | history
src/auth/cephx/CephxProtocol.cc diff | blob | history
src/auth/cephx/CephxProtocol.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.