diff options
| author | Greg Hudson <ghudson@mit.edu> | 2009-12-21 17:58:12 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2009-12-21 17:58:12 +0000 |
| commit | 2da47f934a4f57cbc7006b7ba130424fab9d00a6 (patch) | |
| tree | 457e93c24c779d351cc356b91dc5f8446670fb3d | |
| parent | a0f14faa5b6ace43ce98af840c560565ccb0a27a (diff) | |
| download | krb5-2da47f934a4f57cbc7006b7ba130424fab9d00a6.zip krb5-2da47f934a4f57cbc7006b7ba130424fab9d00a6.tar.gz krb5-2da47f934a4f57cbc7006b7ba130424fab9d00a6.tar.bz2 | |
Add a set_cred_option handler for SPNEGO which forwards to the
underlying mechanism. Fixes SPNEGO credential delegation in 1.7 and
copying of SPNEGO initiator creds in both 1.7 and trunk. Patch
provided by nalin@redhat.com.
ticket: 6594
target_version: 1.7.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23482 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/lib/gssapi/spnego/gssapiP_spnego.h | 9 | ||||
| -rw-r--r-- | src/lib/gssapi/spnego/spnego_mech.c | 17 |
2 files changed, 25 insertions, 1 deletions
diff --git a/src/lib/gssapi/spnego/gssapiP_spnego.h b/src/lib/gssapi/spnego/gssapiP_spnego.h index 80c23e2..4bfe863 100644 --- a/src/lib/gssapi/spnego/gssapiP_spnego.h +++ b/src/lib/gssapi/spnego/gssapiP_spnego.h @@ -352,6 +352,15 @@ spnego_gss_inquire_cred_by_oid ); OM_uint32 +spnego_gss_set_cred_option +( + OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + const gss_OID desired_object, + const gss_buffer_t value +); + +OM_uint32 spnego_gss_set_sec_context_option ( OM_uint32 *minor_status, diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index e0f53d5..669b343 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -250,7 +250,7 @@ static struct gss_config spnego_mechanism = spnego_gss_inquire_sec_context_by_oid, /* gss_inquire_sec_context_by_oid */ spnego_gss_inquire_cred_by_oid, /* gss_inquire_cred_by_oid */ spnego_gss_set_sec_context_option, /* gss_set_sec_context_option */ - NULL, /* gssspi_set_cred_option */ + spnego_gss_set_cred_option, /* gssspi_set_cred_option */ NULL, /* gssspi_mech_invoke */ spnego_gss_wrap_aead, spnego_gss_unwrap_aead, @@ -2187,6 +2187,21 @@ spnego_gss_inquire_cred_by_oid( } OM_uint32 +spnego_gss_set_cred_option( + OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + const gss_OID desired_object, + const gss_buffer_t value) +{ + OM_uint32 ret; + ret = gssspi_set_cred_option(minor_status, + cred_handle, + desired_object, + value); + return (ret); +} + +OM_uint32 spnego_gss_set_sec_context_option( OM_uint32 *minor_status, gss_ctx_id_t *context_handle, |