X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Fmod_auth_gssapi.h;h=5662add686a45875e44b7813ae6d907f7a27fa22;hb=472d605d916f7ad63cd8bbffa100997eca700da4;hp=9ebadccefe4b8080ff0b5ee1d6493b474abaec78;hpb=7407b64481bc49ad552f9ba0ff2efe1f6fb0982e;p=mod_auth_gssapi.git diff --git a/src/mod_auth_gssapi.h b/src/mod_auth_gssapi.h index 9ebadcc..5662add 100644 --- a/src/mod_auth_gssapi.h +++ b/src/mod_auth_gssapi.h @@ -3,8 +3,6 @@ #include #include #include -#include -#include #define APR_WANT_STRFUNC #include "apr_want.h" @@ -17,6 +15,7 @@ #include #include #include +#include /* apache's httpd.h drags in empty PACKAGE_* variables. * undefine them to avoid annoying compile warnings as they 
@@ -28,34 +27,76 @@ #undef PACKAGE_VERSION #include "config.h" +#include +#include +#include +#ifdef HAVE_GSSAPI_GSSAPI_NTLMSSP_H +# include +#endif + #include "crypto.h" #include "sessions.h" +#include "environ.h" #define MIN_SESS_EXP_TIME 300 /* 5 minutes validity minimum */ +#ifdef HAVE_GSS_ACQUIRE_CRED_FROM +# ifdef HAVE_GSS_STORE_CRED_INTO +#define HAVE_CRED_STORE 1 +# endif +#endif + struct mag_config { apr_pool_t *pool; bool ssl_only; bool map_to_local; bool gss_conn_ctx; + bool send_persist; bool use_sessions; +#ifdef HAVE_CRED_STORE bool use_s4u2proxy; char *deleg_ccache_dir; gss_key_value_set_desc *cred_store; +#endif + struct seal_key *mag_skey; + + bool use_basic_auth; + gss_OID_set_desc *allowed_mechs; + gss_OID_set_desc *basic_mechs; +}; + +struct mag_server_config { + gss_OID_set default_mechs; + struct seal_key *mag_skey; +}; + +struct mag_req_cfg { + request_rec *req; + struct mag_config *cfg; + gss_OID_set desired_mechs; + bool use_sessions; + bool send_persist; + const char *req_proto; + const char *rep_proto; struct seal_key *mag_skey; - enum { - BA_OFF = 0, - BA_FORWARD = 1, - BA_ON = 2 - } basic_auth; }; struct mag_conn { - apr_pool_t *parent; + apr_pool_t *pool; gss_ctx_id_t ctx; bool established; const char *user_name; const char *gss_name; time_t expiration; - const char *auth_type; + int auth_type; + bool delegated; + struct databuf basic_hash; + bool is_preserved; }; + +#define discard_const(ptr) ((void *)((uintptr_t)(ptr))) + +struct mag_conn *mag_new_conn_ctx(apr_pool_t *pool); +const char *mag_str_auth_type(int auth_type); +char *mag_gss_name_to_ccache_name(request_rec *req, + char *dir, const char *gss_name);
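Review bot: The new prototype `mag_gss_name_to_ccache_name(request_rec *req, char *dir, const char *gss_name)` at the end of this hunk has no documented contract, yet by its name it appears to turn a peer-derived GSS name into a file name under `deleg_ccache_dir`. The header should state how `/` and `..` in the name are handled, for example `/* Returns a ccache path inside dir; gss_name is escaped so the result cannot contain a path separator or leave dir. */`, once the implementation (not visible in this diff) is confirmed to do that. If `dir` is never written through, declare it `const char *dir`. The prototype is also declared unconditionally while `deleg_ccache_dir` exists only under `HAVE_CRED_STORE`, so check that builds without a credential store still compile and link. Separately, `struct databuf basic_hash` in `struct mag_conn` presumably caches material derived from Basic-auth credentials, so it deserves a comment naming the hash, how it is compared, and where it is cleared.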