From 65eccf19693dd2f6d4525062fdc04720f373af6f Mon Sep 17 00:00:00 2001
From: Aris Adamantiadis <aris@0xbadc0de.be>
Date: Mon, 4 Mar 2013 18:48:39 +0100
Subject: gssapi: retrieve forwarded (delegated) tickets

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/gssapi.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/gssapi.c b/src/gssapi.c
index 23f2e3ad..64e08ac3 100644
--- a/src/gssapi.c
+++ b/src/gssapi.c
@@ -26,6 +26,7 @@
 #include "libssh/crypto.h"
 #include "libssh/callbacks.h"
 #include "libssh/string.h"
+#include "libssh/server.h"
 
 #include <gssapi.h>
 
@@ -402,7 +403,19 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic){
 	return SSH_PACKET_USED;
 }
 
-#endif
+/** @brief returns the client credentials of the connected client.
+ * If the client has given a forwardable token, the SSH server will
+ * retrieve it.
+ * @returns gssapi credentials handle.
+ * @returns NULL if no forwardable token is available.
+ */
+LIBSSH_API ssh_gssapi_creds ssh_gssapi_get_creds(ssh_session session){
+	if (!session || !session->gssapi || session->gssapi->client_creds == GSS_C_NO_CREDENTIAL)
+		return NULL;
+	return (ssh_gssapi_creds)session->gssapi->client_creds;
+}
+
+#endif /* SERVER */
 
 static int ssh_gssapi_send_auth_mic(ssh_session session, ssh_string *oid_set, int n_oid){
 	ssh_string str;
-- 
cgit