]> git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b6b7898) | patch
auth/cephx: modify client + server challenges hashing
authorYehuda Sadeh <ysadehwe@ibm.com>
Thu, 27 Feb 2025 21:14:06 +0000 (16:14 -0500)
committerPatrick Donnelly <pdonnell@ibm.com>
Mon, 22 Sep 2025 16:31:29 +0000 (12:31 -0400)
commitc18ea7899988e70785d25c12653c4750440ad312
tree556d8cd1047a1c2b794f3b6e949a0ea0b503b74etree | snapshot
parentb6b78987d77cc1eb688a68cdfe2f64f71bf79df3commit | diff
auth/cephx: modify client + server challenges hashing

This applies when using ciphers that are not the original
AES-128 one. Use the hmac-sha256 hash now. With AES256KRB5
the original method of encrypting the combined challenges
doesn't work as the confounder randomizes the result.

Signed-off-by: Yehuda Sadeh <ysadehwe@ibm.com>
(cherry picked from commit 31c07fbbf3b8c911a51b41791d6b6265923acda2)
src/auth/Crypto.cc diff | blob | history
src/auth/Crypto.h diff | blob | history
src/auth/cephx/CephxProtocol.cc diff | blob | history
src/auth/cephx/CephxProtocol.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.