diff options
| author | Simo Sorce <simo@redhat.com> | 2013-11-16 17:01:24 -0500 |
|---|---|---|
| committer | Günther Deschner <gdeschner@redhat.com> | 2013-11-20 15:25:12 +0100 |
| commit | 6a096c0a0a37d2fa9e0b03edce05929a7d98f390 (patch) | |
| tree | 2615b4d416103a50e5c64abad4d1179103a2a6ba /proxy/src/gp_proxy.h | |
| parent | 32b1d5aa0497c4e3677b4575cc7e299590df5618 (diff) | |
| download | gss-proxy-6a096c0a0a37d2fa9e0b03edce05929a7d98f390.tar.gz gss-proxy-6a096c0a0a37d2fa9e0b03edce05929a7d98f390.tar.xz gss-proxy-6a096c0a0a37d2fa9e0b03edce05929a7d98f390.zip | |
config: Add code to source flag filters
2 New configuration options are made available:
- filter_flags
- enforce_flags
Any GSS Flags listed in the filter_flags option is forcibly filtered
out before a gss_init_sec_context() call is invoked.
Any GSS Flags listed in the enforce_flags option is forcibly added
to the list of flags requested by a gss_init_sec_context() call is
invoked.
Flags can be either literals or numeric and must be preceded by the
sign + (to add to the list) or - (to remove from the list).
Resolves: https://fedorahosted.org/gss-proxy/ticket/109
Reviewed-by: Günther Deschner <gdeschner@redhat.com>
Diffstat (limited to 'proxy/src/gp_proxy.h')
| -rw-r--r-- | proxy/src/gp_proxy.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/proxy/src/gp_proxy.h b/proxy/src/gp_proxy.h index 8390f5d..b6c64ae 100644 --- a/proxy/src/gp_proxy.h +++ b/proxy/src/gp_proxy.h @@ -57,6 +57,8 @@ struct gp_service { char *socket; SELINUX_CTX selinux_ctx; gss_cred_usage_t cred_usage; + uint32_t filter_flags; + uint32_t enforce_flags; uint32_t mechs; struct gp_cred_krb5 krb5; |