From 2da47f934a4f57cbc7006b7ba130424fab9d00a6 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 21 Dec 2009 17:58:12 +0000 Subject: [PATCH] Add a set_cred_option handler for SPNEGO which forwards to the underlying mechanism. Fixes SPNEGO credential delegation in 1.7 and copying of SPNEGO initiator creds in both 1.7 and trunk. Patch provided by nalin@redhat.com. ticket: 6594 target_version: 1.7.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23482 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/spnego/gssapiP_spnego.h | 9 +++++++++ src/lib/gssapi/spnego/spnego_mech.c | 17 ++++++++++++++++- 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/src/lib/gssapi/spnego/gssapiP_spnego.h b/src/lib/gssapi/spnego/gssapiP_spnego.h index 80c23e283..4bfe863f9 100644 --- a/src/lib/gssapi/spnego/gssapiP_spnego.h +++ b/src/lib/gssapi/spnego/gssapiP_spnego.h @@ -351,6 +351,15 @@ spnego_gss_inquire_cred_by_oid gss_buffer_set_t *data_set ); +OM_uint32 +spnego_gss_set_cred_option +( + OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + const gss_OID desired_object, + const gss_buffer_t value +); + OM_uint32 spnego_gss_set_sec_context_option ( diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index e0f53d579..669b343d9 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -250,7 +250,7 @@ static struct gss_config spnego_mechanism = spnego_gss_inquire_sec_context_by_oid, /* gss_inquire_sec_context_by_oid */ spnego_gss_inquire_cred_by_oid, /* gss_inquire_cred_by_oid */ spnego_gss_set_sec_context_option, /* gss_set_sec_context_option */ - NULL, /* gssspi_set_cred_option */ + spnego_gss_set_cred_option, /* gssspi_set_cred_option */ NULL, /* gssspi_mech_invoke */ spnego_gss_wrap_aead, spnego_gss_unwrap_aead, @@ -2186,6 +2186,21 @@ spnego_gss_inquire_cred_by_oid( return (ret); } +OM_uint32 +spnego_gss_set_cred_option( + OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + const gss_OID desired_object, + const gss_buffer_t value) +{ + OM_uint32 ret; + ret = gssspi_set_cred_option(minor_status, + cred_handle, + desired_object, + value); + return (ret); +} + OM_uint32 spnego_gss_set_sec_context_option( OM_uint32 *minor_status, -- 2.26.2