1 files changed, 16 insertions, 1 deletions

diff --git a/utils/gssd/gss_util.c b/utils/gssd/gss_util.c
index 2e6d40f..6235b7a 100644
--- a/utils/gssd/gss_util.c
+++ b/utils/gssd/gss_util.c
@@ -81,6 +81,9 @@
 #include <gssapi/gssapi_generic.h>
 #define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
 #endif
+#ifdef HAVE_GSS_ACQUIRE_CRED_FROM
+#include <gssapi/gssapi_ext.h>
+#endif
 #include "gss_util.h"
 #include "err_util.h"
 #include "gssd.h"
@@ -88,6 +91,7 @@
 #include <unistd.h>
 #endif
 #include <stdlib.h>
+#include <stdbool.h>
 #ifdef HAVE_COM_ERR_H
 #include <com_err.h>
 #endif
@@ -269,7 +273,7 @@ pgsserr(char *msg, u_int32_t maj_stat, u_int32_t min_stat, const gss_OID mech)
 }
 
 int
-gssd_acquire_cred(char *server_name, const gss_OID oid)
+gssd_acquire_cred(char *server_name, bool machine, const gss_OID oid)
 {
 	gss_buffer_desc name;
 	gss_name_t target_name;
@@ -294,6 +298,17 @@ gssd_acquire_cred(char *server_name, const gss_OID oid)
 		}
 	}
 
+#ifdef HAVE_GSS_ACQUIRE_CRED_FROM
+	if (machine) {
+		gss_key_value_element_desc gssd_ccache = { "ccache",
+			GSSD_SECURE_MACHINE_CACHE };
+		gss_key_value_set_desc cred_store = {1, &gssd_ccache};
+		maj_stat = gss_acquire_cred_from(&min_stat, target_name,
+				GSS_C_INDEFINITE, GSS_C_NO_OID_SET,
+				GSS_C_ACCEPT, &cred_store,
+				&gssd_creds, NULL, NULL);
+	} else
+#endif
 	maj_stat = gss_acquire_cred(&min_stat, target_name, GSS_C_INDEFINITE,
 			GSS_C_NO_OID_SET, GSS_C_ACCEPT,
 			&gssd_creds, NULL, NULL);