]> git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2049689) | patch
auth/cephx: modify client + server challenges hashing
authorYehuda Sadeh <ysadehwe@ibm.com>
Thu, 27 Feb 2025 21:14:06 +0000 (16:14 -0500)
committerPatrick Donnelly <pdonnell@ibm.com>
Wed, 1 Oct 2025 18:46:43 +0000 (14:46 -0400)
commit25ea2d623ffbb8f26551ead7f4ff2106ea30aca3
treed6d3a112b44c808dc8d72ea2a53e19f903ab94c7tree | snapshot
parent2049689178dfe952763a0cb3f3c44f93c620136bcommit | diff
auth/cephx: modify client + server challenges hashing

This applies when using ciphers that are not the original
AES-128 one. Use the hmac-sha256 hash now. With AES256KRB5
the original method of encrypting the combined challenges
doesn't work as the confounder randomizes the result.

Signed-off-by: Yehuda Sadeh <ysadehwe@ibm.com>
src/auth/Crypto.cc diff | blob | history
src/auth/Crypto.h diff | blob | history
src/auth/cephx/CephxProtocol.cc diff | blob | history
src/auth/cephx/CephxProtocol.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.