ticket: 6594

version_fixed: 1.7.1 status: resolved pull up r23482 from trunk ------------------------------------------------------------------------ r23482 | ghudson | 2009-12-21 12:58:12 -0500 (Mon, 21 Dec 2009) | 9 lines ticket: 6594 target_version: 1.7.1 tags: pullup Add a set_cred_option handler for SPNEGO which forwards to the underlying mechanism. Fixes SPNEGO credential delegation in 1.7 and copying of SPNEGO initiator creds in both 1.7 and trunk. Patch provided by nalin@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@23655 dc483132-0cff-0310-8789-dd5450dbe970
aadamowski · Jan 13, 2010 · 71558ea · 71558ea
1 parent afdc578
commit 71558ea
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 1 deletion.
diff --git a/src/lib/gssapi/spnego/gssapiP_spnego.h b/src/lib/gssapi/spnego/gssapiP_spnego.h
@@ -332,6 +332,15 @@ spnego_gss_inquire_sec_context_by_oid
 	gss_buffer_set_t *data_set
 );
 
+OM_uint32
+spnego_gss_set_cred_option
+(
+	OM_uint32 *minor_status,
+	gss_cred_id_t cred_handle,
+	const gss_OID desired_object,
+	const gss_buffer_t value
+);
+
 OM_uint32
 spnego_gss_set_sec_context_option
 (

diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
@@ -250,7 +250,7 @@ static struct gss_config spnego_mechanism =
  	spnego_gss_inquire_sec_context_by_oid, /* gss_inquire_sec_context_by_oid */
  	NULL,				/* gss_inquire_cred_by_oid */
  	spnego_gss_set_sec_context_option, /* gss_set_sec_context_option */
- 	NULL,				/* gssspi_set_cred_option */
+	spnego_gss_set_cred_option,	/* gssspi_set_cred_option */
  	NULL,				/* gssspi_mech_invoke */
 	spnego_gss_wrap_aead,
 	spnego_gss_unwrap_aead,
@@ -2087,6 +2087,21 @@ spnego_gss_inquire_sec_context_by_oid(
 	return (ret);
 }
 
+OM_uint32
+spnego_gss_set_cred_option(
+		OM_uint32 *minor_status,
+		gss_cred_id_t cred_handle,
+		const gss_OID desired_object,
+		const gss_buffer_t value)
+{
+	OM_uint32 ret;
+	ret = gssspi_set_cred_option(minor_status,
+				     cred_handle,
+				     desired_object,
+				     value);
+	return (ret);
+}
+
 OM_uint32
 spnego_gss_set_sec_context_option(
 		OM_uint32 *minor_status,