diff options
author | Theodore Tso <tytso@mit.edu> | 1996-01-04 03:00:07 +0000 |
---|---|---|
committer | Theodore Tso <tytso@mit.edu> | 1996-01-04 03:00:07 +0000 |
commit | ea21a78f413afcfb20c18918f7c8ce2fea401636 (patch) | |
tree | 1a8d57a0bc3c718a61148a8b28b44e806af81c22 /src/appl/gss-sample | |
parent | ccfc9a62a43de47fb236c36935bab8d1967b1f54 (diff) | |
download | krb5-ea21a78f413afcfb20c18918f7c8ce2fea401636.tar.gz krb5-ea21a78f413afcfb20c18918f7c8ce2fea401636.tar.xz krb5-ea21a78f413afcfb20c18918f7c8ce2fea401636.zip |
* gss-client.c (main, client_establish_context): If the -d flag is
given to the client, then try to delegate credentials when
establishing the context.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7265 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl/gss-sample')
-rw-r--r-- | src/appl/gss-sample/ChangeLog | 6 | ||||
-rw-r--r-- | src/appl/gss-sample/README | 14 | ||||
-rw-r--r-- | src/appl/gss-sample/gss-client.c | 11 |
3 files changed, 25 insertions, 6 deletions
diff --git a/src/appl/gss-sample/ChangeLog b/src/appl/gss-sample/ChangeLog index f15c38c053..18b5a421cc 100644 --- a/src/appl/gss-sample/ChangeLog +++ b/src/appl/gss-sample/ChangeLog @@ -1,3 +1,9 @@ +Wed Jan 3 21:55:30 1996 Theodore Y. Ts'o <tytso@dcl> + + * gss-client.c (main, client_establish_context): If the -d flag is + given to the client, then try to delegate credentials when + establishing the context. + Thu Oct 12 11:15:28 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> * gss-misc.c (recv_token): When continuing partial read, decrease diff --git a/src/appl/gss-sample/README b/src/appl/gss-sample/README index 0ec6bb7d7c..a8d0afa7e2 100644 --- a/src/appl/gss-sample/README +++ b/src/appl/gss-sample/README @@ -41,20 +41,26 @@ interfaces. The server's command line usage is - gss-server [-port port] service_name + gss-server [-port port] [-v2] service_name where service_name is a GSS-API service name of the form "service@host". The server will accept TCP connections on port -(default 4444) and establish contexts as service_name. +(default 4444) and establish contexts as service_name. The -v2 option +means that the GSSAPI v2 calls should be used (and tested). + The client's command line usage is - gss-client [-port port] host service_name msg + gss-client [-port port] [-v2] [-d] host service_name msg where host is the host running the server, service_name is the service name that the server will establish connections as, and msg is the message. The client connects to the TCP on <host:port> (default 4444) -and performs the exchange. +and performs the exchange. The "-d" option specifies delegation - +a forwardable TGT will be sent to the server, which will put it in +its credential cache (you must kinit -f for this to work). +The -v2 option means that the GSSAPI v2 calls should be used (and +tested). If you are using this sample application with OpenVision's Kerberos 5 GSS-API mechanism: diff --git a/src/appl/gss-sample/gss-client.c b/src/appl/gss-sample/gss-client.c index 56e07c2d6c..3827336ffe 100644 --- a/src/appl/gss-sample/gss-client.c +++ b/src/appl/gss-sample/gss-client.c @@ -41,13 +41,16 @@ int call_server(); int send_token(); int recv_token(); + +int deleg_flag; void display_status(); extern FILE *display_file; usage() { - fprintf(stderr, "Usage: gss-client [-port port] [-v2] host service msg\n"); + fprintf(stderr, "Usage: gss-client [-port port] [-d] [-v2] host service \ +msg\n"); exit(1); } @@ -60,6 +63,7 @@ main(argc, argv) int v2 = 0; display_file = stdout; + deleg_flag = 0; /* Parse arguments. */ argc--; argv++; @@ -70,6 +74,8 @@ main(argc, argv) port = atoi(*argv); } else if (strcmp(*argv, "-v2") == 0) { v2 = 1; + } else if (strcmp(*argv, "-d") == 0) { + deleg_flag = GSS_C_DELEG_FLAG; } else break; argc--; argv++; @@ -446,7 +452,8 @@ int client_establish_context(s, service_name, gss_context) gss_context, target_name, GSS_C_NULL_OID, - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG, + GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | + deleg_flag, 0, NULL, /* no channel bindings */ token_ptr, |