svn rev #23482: trunk/src/lib/gssapi/spnego/

ghudson@MIT.EDU ghudson at MIT.EDU
Mon Dec 21 12:58:12 EST 2009 

http://src.mit.edu/fisheye/changelog/krb5/?cs=23482
Commit By: ghudson
Log Message:
ticket: 6594
target_version: 1.7.1
tags: pullup

Add a set_cred_option handler for SPNEGO which forwards to the
underlying mechanism.  Fixes SPNEGO credential delegation in 1.7 and
copying of SPNEGO initiator creds in both 1.7 and trunk.  Patch
provided by nalin at redhat.com.



Changed Files:
U   trunk/src/lib/gssapi/spnego/gssapiP_spnego.h
U   trunk/src/lib/gssapi/spnego/spnego_mech.c
Modified: trunk/src/lib/gssapi/spnego/gssapiP_spnego.h
===================================================================
--- trunk/src/lib/gssapi/spnego/gssapiP_spnego.h	2009-12-18 09:09:56 UTC (rev 23481)
+++ trunk/src/lib/gssapi/spnego/gssapiP_spnego.h	2009-12-21 17:58:12 UTC (rev 23482)
@@ -352,6 +352,15 @@
 );
 
 OM_uint32
+spnego_gss_set_cred_option
+(
+	OM_uint32 *minor_status,
+	gss_cred_id_t cred_handle,
+	const gss_OID desired_object,
+	const gss_buffer_t value
+);
+
+OM_uint32
 spnego_gss_set_sec_context_option
 (
 	OM_uint32 *minor_status,

Modified: trunk/src/lib/gssapi/spnego/spnego_mech.c
===================================================================
--- trunk/src/lib/gssapi/spnego/spnego_mech.c	2009-12-18 09:09:56 UTC (rev 23481)
+++ trunk/src/lib/gssapi/spnego/spnego_mech.c	2009-12-21 17:58:12 UTC (rev 23482)
@@ -250,7 +250,7 @@
  	spnego_gss_inquire_sec_context_by_oid, /* gss_inquire_sec_context_by_oid */
  	spnego_gss_inquire_cred_by_oid,	/* gss_inquire_cred_by_oid */
  	spnego_gss_set_sec_context_option, /* gss_set_sec_context_option */
- 	NULL,				/* gssspi_set_cred_option */
+	spnego_gss_set_cred_option,	/* gssspi_set_cred_option */
  	NULL,				/* gssspi_mech_invoke */
 	spnego_gss_wrap_aead,
 	spnego_gss_unwrap_aead,
@@ -2187,6 +2187,21 @@
 }
 
 OM_uint32
+spnego_gss_set_cred_option(
+		OM_uint32 *minor_status,
+		gss_cred_id_t cred_handle,
+		const gss_OID desired_object,
+		const gss_buffer_t value)
+{
+	OM_uint32 ret;
+	ret = gssspi_set_cred_option(minor_status,
+				     cred_handle,
+				     desired_object,
+				     value);
+	return (ret);
+}
+
+OM_uint32
 spnego_gss_set_sec_context_option(
 		OM_uint32 *minor_status,
 		gss_ctx_id_t *context_handle,

More information about the cvs-krb5 mailing list