diff options
author | Chuck Lever <chuck.lever@oracle.com> | 2015-06-01 07:57:00 -0400 |
---|---|---|
committer | Steve Dickson <steved@redhat.com> | 2015-06-01 08:11:35 -0400 |
commit | 5f1fe4dde861f65142e5a0729aaabc4e9821737d (patch) | |
tree | 8b48c92f3f84e5fe6c2c327eb833c383fc32a79f /src/auth_gss.c | |
parent | be5ce4056a77cb1f9bba6a050c12ce8fd08eac9b (diff) | |
download | ti-rpc-5f1fe4dde861f65142e5a0729aaabc4e9821737d.tar.gz |
Pass time_req and input_channel_bindings through to init_sec_context
rpc_gss_seccreate(3) is a client-side interface that allows callers
to optionally specify parameters to gss_init_sec_context(). Only two
of those parameters (req_flag and my_cred) are passed through
currently.
Support the other two.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'src/auth_gss.c')
-rw-r--r-- | src/auth_gss.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/auth_gss.c b/src/auth_gss.c index cf96ada..722d54c 100644 --- a/src/auth_gss.c +++ b/src/auth_gss.c @@ -144,6 +144,8 @@ struct rpc_gss_data { gss_ctx_id_t ctx; /* context id */ struct rpc_gss_cred gc; /* client credentials */ u_int win; /* sequence window */ + int time_req; /* init_sec_context time_req */ + gss_channel_bindings_t icb; /* input channel bindings */ }; #define AUTH_PRIVATE(auth) ((struct rpc_gss_data *)auth->ah_private) @@ -458,8 +460,8 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret) gd->name, gd->sec.mech, gd->sec.req_flags, - 0, /* time req */ - NULL, /* channel */ + gd->time_req, + gd->icb, recv_tokenp, &actual_mech_type, &send_token, @@ -772,11 +774,6 @@ rpc_gss_seccreate(CLIENT *clnt, char *principal, char *mechanism, return _rpc_gss_seccreate_error(ENOENT); } - if (req != NULL) { - sec.req_flags = req->req_flags; - sec.cred = req->my_cred; - } - if (ret == NULL) ret = &options_ret; memset(ret, 0, sizeof(*ret)); @@ -806,6 +803,13 @@ rpc_gss_seccreate(CLIENT *clnt, char *principal, char *mechanism, gd->ctx = GSS_C_NO_CONTEXT; gd->sec = sec; + if (req) { + sec.req_flags = req->req_flags; + gd->time_req = req->time_req; + sec.cred = req->my_cred; + gd->icb = req->input_channel_bindings; + } + gd->gc.gc_v = RPCSEC_GSS_VERSION; gd->gc.gc_proc = RPCSEC_GSS_INIT; gd->gc.gc_svc = sec.svc; |