diff options
| author | Greg Hudson <ghudson@mit.edu> | 2009-12-21 17:58:12 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2009-12-21 17:58:12 +0000 |
| commit | 2da47f934a4f57cbc7006b7ba130424fab9d00a6 (patch) | |
| tree | 457e93c24c779d351cc356b91dc5f8446670fb3d /src/lib | |
| parent | a0f14faa5b6ace43ce98af840c560565ccb0a27a (diff) | |
| download | krb5-2da47f934a4f57cbc7006b7ba130424fab9d00a6.tar.gz krb5-2da47f934a4f57cbc7006b7ba130424fab9d00a6.tar.xz krb5-2da47f934a4f57cbc7006b7ba130424fab9d00a6.zip | |
Add a set_cred_option handler for SPNEGO which forwards to the
underlying mechanism. Fixes SPNEGO credential delegation in 1.7 and
copying of SPNEGO initiator creds in both 1.7 and trunk. Patch
provided by nalin@redhat.com.
ticket: 6594
target_version: 1.7.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23482 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/gssapi/spnego/gssapiP_spnego.h | 9 | ||||
| -rw-r--r-- | src/lib/gssapi/spnego/spnego_mech.c | 17 |
2 files changed, 25 insertions, 1 deletions
diff --git a/src/lib/gssapi/spnego/gssapiP_spnego.h b/src/lib/gssapi/spnego/gssapiP_spnego.h index 80c23e2838..4bfe863f99 100644 --- a/src/lib/gssapi/spnego/gssapiP_spnego.h +++ b/src/lib/gssapi/spnego/gssapiP_spnego.h @@ -352,6 +352,15 @@ spnego_gss_inquire_cred_by_oid ); OM_uint32 +spnego_gss_set_cred_option +( + OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + const gss_OID desired_object, + const gss_buffer_t value +); + +OM_uint32 spnego_gss_set_sec_context_option ( OM_uint32 *minor_status, diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index e0f53d5792..669b343d97 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -250,7 +250,7 @@ static struct gss_config spnego_mechanism = spnego_gss_inquire_sec_context_by_oid, /* gss_inquire_sec_context_by_oid */ spnego_gss_inquire_cred_by_oid, /* gss_inquire_cred_by_oid */ spnego_gss_set_sec_context_option, /* gss_set_sec_context_option */ - NULL, /* gssspi_set_cred_option */ + spnego_gss_set_cred_option, /* gssspi_set_cred_option */ NULL, /* gssspi_mech_invoke */ spnego_gss_wrap_aead, spnego_gss_unwrap_aead, @@ -2187,6 +2187,21 @@ spnego_gss_inquire_cred_by_oid( } OM_uint32 +spnego_gss_set_cred_option( + OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + const gss_OID desired_object, + const gss_buffer_t value) +{ + OM_uint32 ret; + ret = gssspi_set_cred_option(minor_status, + cred_handle, + desired_object, + value); + return (ret); +} + +OM_uint32 spnego_gss_set_sec_context_option( OM_uint32 *minor_status, gss_ctx_id_t *context_handle, |