return FALSE;
}
+/*
+ * Returns TRUE if the configuration variable reauth_use_ccache is
+ * set in krb5.conf for the eap_gss application and the client realm.
+ */
static int
reauthUseCredsCache(krb5_context krbContext,
krb5_principal principal)
return reauthUseCCache;
}
+/*
+ * Look in default credentials cache for reauthentication credentials,
+ * if policy allows.
+ */
static OM_uint32
getReauthCredentials(OM_uint32 *minor,
gss_cred_id_t cred,
return major;
}
+/*
+ * Returns TRUE if the credential handle's reauth credentials are
+ * valid or if we can use the default credentials cache. Credentials
+ * handle must be locked.
+ */
int
gssEapCanReauthP(gss_cred_id_t cred,
gss_name_t target,
/*
* Store re-authentication (Kerberos) credentials in a credential handle.
+ * Credentials handle must be locked.
*/
OM_uint32
gssEapStoreReauthCreds(OM_uint32 *minor,