Add S4U2Proxy supports4u2proxy

SU2Proxy support is enabled when GssapiUseS4U2Proxy is set to On When S4U2Proxy is enabled GssapiDelegCcacheDir is used to determine where delegated credentials are stored. The ccache type used is always of type FILE and is located in the provided directory (defaults to /tmp). The credentials are stored in a file named after the client credentials so the directory SHOUL NOT be world writeable if a mutiuser system is used as ccache file names are predictable.
author: Simo Sorce <simo@redhat.com> 2014-07-10 06:53:00 -0400
committer: Simo Sorce <simo@redhat.com> 2014-07-20 08:38:14 -0400
commit: 5401c93b3d84a58357ccf8321ffe165aabca8656 (patch)
tree: cef695343e9963b257b923f6294e83655e9f79e7 /src/mod_auth_gssapi.h
parent: 6e86569afd4812f5674810ab66ee67fd5251d538 (diff)
download: mod_auth_gssapi-s4u2proxy.tar.gz
mod_auth_gssapi-s4u2proxy.tar.xz
mod_auth_gssapi-s4u2proxy.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/mod_auth_gssapi.h b/src/mod_auth_gssapi.h
index 6a21254..6d8ab1b 100644
--- a/src/mod_auth_gssapi.h
+++ b/src/mod_auth_gssapi.h
@@ -39,7 +39,9 @@ struct mag_config {
     bool map_to_local;
     bool gss_conn_ctx;
     bool use_sessions;
-    gss_key_value_set_desc cred_store;
+    bool use_s4u2proxy;
+    char *deleg_ccache_dir;
+    gss_key_value_set_desc *cred_store;
     struct seal_key *mag_skey;
 };
author	Simo Sorce <simo@redhat.com>	2014-07-10 06:53:00 -0400
committer	Simo Sorce <simo@redhat.com>	2014-07-20 08:38:14 -0400
commit	5401c93b3d84a58357ccf8321ffe165aabca8656 (patch)
tree	cef695343e9963b257b923f6294e83655e9f79e7 /src/mod_auth_gssapi.h
parent	6e86569afd4812f5674810ab66ee67fd5251d538 (diff)
download	mod_auth_gssapi-s4u2proxy.tar.gz mod_auth_gssapi-s4u2proxy.tar.xz mod_auth_gssapi-s4u2proxy.zip