|
Optional GSS-API Functionality.
This patch implements mutual authentication, out of sequence and
replay detection using the GSS-API. The changes implemented are
optional and are turned off by default.
This option is specified to the client through an environment variable
as is the name of the server principal to authenticate. Currently
the server principal can be left unspecified and a default based on
the host keytab will be used.
This option is specified to the daemon through a command line option,
with the name of the principal whose credentials the daemon should
use specified as an environment variable. A simple handshake is
exchanged between the client and server in order to prevent
unecessary delays and protocol derailments when mixing authenticating
and non-authenticating clients and servers.
Revised based on review comments.
GSS-API authentication is now implemented as a per host option.
Revised further by me (Fergus Henderson) to fix a spelling error
and to rename the per host option from ",gssapi" to ",auth".
git-svn-id: http://distcc.googlecode.com/svn/trunk@690 01de4be4-8c4a-0410-9132-4925637da917
|