diff options
| author | Sumit Bose <sbose@redhat.com> | 2010-11-18 12:48:05 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-12-07 17:09:19 -0500 |
| commit | 5843ad321944a028f6dee7e1fd4f9381c4953d07 (patch) | |
| tree | fe7087c3ebb948e0269ef613a1cea06111c2cfc3 /src/util | |
| parent | 263c8d47ca21d3bacd77266613fcc7baab988465 (diff) | |
| download | sssd-5843ad321944a028f6dee7e1fd4f9381c4953d07.tar.gz sssd-5843ad321944a028f6dee7e1fd4f9381c4953d07.tar.xz sssd-5843ad321944a028f6dee7e1fd4f9381c4953d07.zip | |
Add support for FAST in krb5 provider
Diffstat (limited to 'src/util')
| -rw-r--r-- | src/util/sss_krb5.c | 48 | ||||
| -rw-r--r-- | src/util/sss_krb5.h | 14 |
2 files changed, 62 insertions, 0 deletions
diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c index 7fad32e85..174b6d9fa 100644 --- a/src/util/sss_krb5.c +++ b/src/util/sss_krb5.c @@ -361,3 +361,51 @@ krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_expire_callback( return 0; #endif } + +errno_t check_fast(const char *str, bool *use_fast) +{ +#if HAVE_KRB5_GET_INIT_CREDS_OPT_SET_FAST_FLAGS + if (strcasecmp(str, "never") == 0 ) { + *use_fast = false; + } else if (strcasecmp(str, "try") == 0 || strcasecmp(str, "demand") == 0) { + *use_fast = true; + } else { + sss_log(SSS_LOG_ALERT, "Unsupported value [%s] for option krb5_use_fast," + "please use never, try, or demand.\n"); + return EINVAL; + } + + return EOK; +#else + sss_log(SSS_LOG_ALERT, "This build of sssd done not support FAST. " + "Please remove option krb5_use_fast.\n"); + return EINVAL; +#endif +} + +krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_fast_ccache_name( + krb5_context context, + krb5_get_init_creds_opt *opt, + const char *fast_ccache_name) +{ +#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_FAST_CCACHE_NAME + return krb5_get_init_creds_opt_set_fast_ccache_name(context, opt, + fast_ccache_name); +#else + DEBUG(5, ("krb5_get_init_creds_opt_set_fast_ccache_name not available.\n")); + return 0; +#endif +} + +krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_fast_flags( + krb5_context context, + krb5_get_init_creds_opt *opt, + krb5_flags flags) +{ +#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_FAST_FLAGS + return krb5_get_init_creds_opt_set_fast_flags(context, opt, flags); +#else + DEBUG(5, ("krb5_get_init_creds_opt_set_fast_flags not available.\n")); + return 0; +#endif +} diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h index cf6fedafb..d74df832e 100644 --- a/src/util/sss_krb5.h +++ b/src/util/sss_krb5.h @@ -32,6 +32,8 @@ #include <krb5.h> #endif +#include "util/util.h" + const char * KRB5_CALLCONV sss_krb5_get_error_message (krb5_context, krb5_error_code); @@ -67,4 +69,16 @@ krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_expire_callback( krb5_get_init_creds_opt *opt, krb5_expire_callback_func cb, void *data); + +errno_t check_fast(const char *str, bool *use_fast); + +krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_fast_ccache_name( + krb5_context context, + krb5_get_init_creds_opt *opt, + const char *fast_ccache_name); + +krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_fast_flags( + krb5_context context, + krb5_get_init_creds_opt *opt, + krb5_flags flags); #endif /* __SSS_KRB5_H__ */ |