+struct mag_req_cfg *mag_init_cfg(request_rec *req)
+{
+ struct mag_server_config *scfg;
+ struct mag_req_cfg *req_cfg = apr_pcalloc(req->pool,
+ sizeof(struct mag_req_cfg));
+ req_cfg->req = req;
+ req_cfg->cfg = ap_get_module_config(req->per_dir_config,
+ &auth_gssapi_module);
+
+ scfg = ap_get_module_config(req->server->module_config,
+ &auth_gssapi_module);
+
+ if (req_cfg->cfg->allowed_mechs) {
+ req_cfg->desired_mechs = req_cfg->cfg->allowed_mechs;
+ } else {
+ /* Use the default set if not explicitly configured */
+ req_cfg->desired_mechs = scfg->default_mechs;
+ }
+
+ if (!req_cfg->cfg->mag_skey) {
+ req_cfg->mag_skey = req_cfg->cfg->mag_skey;
+ } else {
+ /* Use server random key if not explicitly configured */
+ req_cfg->mag_skey = scfg->mag_skey;
+ }
+
+ if (req->proxyreq == PROXYREQ_PROXY) {
+ req_cfg->req_proto = "Proxy-Authorization";
+ req_cfg->rep_proto = "Proxy-Authenticate";
+ } else {
+ req_cfg->req_proto = "Authorization";
+ req_cfg->rep_proto = "WWW-Authenticate";
+ req_cfg->use_sessions = req_cfg->cfg->use_sessions;
+ req_cfg->send_persist = req_cfg->cfg->send_persist;
+ }
+
+ return req_cfg;
+}
+
+static bool use_s4u2proxy(struct mag_req_cfg *req_cfg) {
+ if (req_cfg->cfg->use_s4u2proxy) {
+ if (req_cfg->cfg->deleg_ccache_dir != NULL) {
+ return true;
+ } else {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, req_cfg->req,
+ "S4U2 Proxy requested but GssapiDelegCcacheDir "
+ "is not set. Constrained delegation disabled!");
+ }
+ }
+ return false;
+}