Implement unique ccache names

Unique ccache names may be requested using the GssapiDelegCcacheUnique
configuration option.  This option is off by default.  If both unique
ccache names and session use are enabled, then a mechanism for removing
old ccaches must be supplied.

Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Also-authored-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>

1 files changed, 9 insertions, 1 deletions

diff --git a/src/sessions.c b/src/sessions.c
index d8c4873..d99b92d 100644
--- a/src/sessions.c
+++ b/src/sessions.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2014 mod_auth_gssapi contributors - See COPYING for (C) terms */
+/* Copyright (C) 2014, 2016 mod_auth_gssapi contributors - See COPYING for (C) terms */
 
 #include "mod_auth_gssapi.h"
 #include "asn1c/GSSSessionData.h"
@@ -179,6 +179,12 @@ void mag_check_session(struct mag_req_cfg *cfg, struct mag_conn **conn)
     memcpy(mc->basic_hash.value,
            gsessdata->basichash.buf, gsessdata->basichash.size);
 
+    /* ccname */
+    mc->ccname = apr_pstrndup(mc->pool,
+                              (char *)gsessdata->ccname.buf,
+                              gsessdata->ccname.size);
+    if (!mc->ccname) goto done;
+
     /* OK we have a valid token */
     mc->established = true;
 
@@ -224,6 +230,8 @@ void mag_attempt_session(struct mag_req_cfg *cfg, struct mag_conn *mc)
                              (const char *)mc->basic_hash.value,
                              mc->basic_hash.length) != 0)
         goto done;
+    if (OCTET_STRING_fromString(&gsessdata.ccname, mc->ccname) != 0)
+        goto done;
     ret = encode_GSSSessionData(req->pool, &gsessdata,
                                 &plainbuf.value, &plainbuf.length);
     if (ret == false) {