diff options
| author | Simo Sorce <simo@redhat.com> | 2014-08-26 17:10:18 -0400 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2014-08-26 17:12:16 -0400 |
| commit | 798ab2c61f44443549520f62bb8cc8c87ff4e33c (patch) | |
| tree | aaa3724dfe5dd9d5c88d971b479bec6894b26ffb /src | |
| parent | 49002c0e9201284e85d524d7f04c2af5093d6539 (diff) | |
| download | mod_auth_gssapi-798ab2c61f44443549520f62bb8cc8c87ff4e33c.tar.gz mod_auth_gssapi-798ab2c61f44443549520f62bb8cc8c87ff4e33c.tar.xz mod_auth_gssapi-798ab2c61f44443549520f62bb8cc8c87ff4e33c.zip | |
Fix GssapiCredStore usage
This allows to always define the keytab in terms of GssapiCredStore
options instead of having to set a KRB5_KTNAME variable.
Fixes Issue 2
Diffstat (limited to 'src')
| -rw-r--r-- | src/mod_auth_gssapi.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/mod_auth_gssapi.c b/src/mod_auth_gssapi.c index 220ccab..5ce9077 100644 --- a/src/mod_auth_gssapi.c +++ b/src/mod_auth_gssapi.c @@ -166,6 +166,7 @@ static int mag_auth(request_rec *req) gss_name_t client = GSS_C_NO_NAME; gss_cred_id_t acquired_cred = GSS_C_NO_CREDENTIAL; gss_cred_id_t delegated_cred = GSS_C_NO_CREDENTIAL; + gss_cred_usage_t cred_usage = GSS_C_ACCEPT; uint32_t flags; uint32_t vtime; uint32_t maj, min; @@ -247,8 +248,11 @@ static int mag_auth(request_rec *req) #ifdef HAVE_GSS_ACQUIRE_CRED_FROM if (cfg->use_s4u2proxy) { + cred_usage = GSS_C_BOTH; + } + if (cfg->cred_store) { maj = gss_acquire_cred_from(&min, GSS_C_NO_NAME, 0, - GSS_C_NO_OID_SET, GSS_C_BOTH, + GSS_C_NO_OID_SET, cred_usage, cfg->cred_store, &acquired_cred, NULL, NULL); if (GSS_ERROR(maj)) { |