projects
/
mod_auth_gssapi.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Set KRB5CCNAME on follow up requests with session
[mod_auth_gssapi.git]
/
src
/
mod_auth_gssapi.h
diff --git
a/src/mod_auth_gssapi.h
b/src/mod_auth_gssapi.h
index
2022061
..
97ba2c8
100644
(file)
--- a/
src/mod_auth_gssapi.h
+++ b/
src/mod_auth_gssapi.h
@@
-2,16
+2,24
@@
#include <stdbool.h>
#include <stdint.h>
#include <stdbool.h>
#include <stdint.h>
+#include <time.h>
#include <gssapi/gssapi.h>
#include <gssapi/gssapi_ext.h>
#include <gssapi/gssapi.h>
#include <gssapi/gssapi_ext.h>
+#include <gssapi/gssapi_krb5.h>
+#include <gssapi/gssapi_ntlmssp.h>
+
+#define APR_WANT_STRFUNC
+#include "apr_want.h"
+#include <apr_strings.h>
+#include <apr_base64.h>
#include <httpd.h>
#include <http_core.h>
#include <http_connection.h>
#include <http_log.h>
#include <http_request.h>
#include <httpd.h>
#include <http_core.h>
#include <http_connection.h>
#include <http_log.h>
#include <http_request.h>
-#include <
apr_strings
.h>
-#include <
apr_base64
.h>
+#include <
mod_session
.h>
+#include <
mod_ssl
.h>
/* apache's httpd.h drags in empty PACKAGE_* variables.
* undefine them to avoid annoying compile warnings as they
/* apache's httpd.h drags in empty PACKAGE_* variables.
* undefine them to avoid annoying compile warnings as they
@@
-23,10
+31,43
@@
#undef PACKAGE_VERSION
#include "config.h"
#undef PACKAGE_VERSION
#include "config.h"
+#include "crypto.h"
+#include "sessions.h"
+
+#define MIN_SESS_EXP_TIME 300 /* 5 minutes validity minimum */
+
+#ifdef HAVE_GSS_ACQUIRE_CRED_FROM
+# ifdef HAVE_GSS_STORE_CRED_INTO
+#define HAVE_CRED_STORE 1
+# endif
+#endif
+
struct mag_config {
struct mag_config {
+ apr_pool_t *pool;
bool ssl_only;
bool map_to_local;
bool gss_conn_ctx;
bool ssl_only;
bool map_to_local;
bool gss_conn_ctx;
- gss_key_value_set_desc cred_store;
+ bool send_persist;
+ bool use_sessions;
+#ifdef HAVE_CRED_STORE
+ bool use_s4u2proxy;
+ char *deleg_ccache_dir;
+ gss_key_value_set_desc *cred_store;
+#endif
+ struct seal_key *mag_skey;
+ bool use_basic_auth;
+ gss_OID_set_desc *allowed_mechs;
+};
+
+struct mag_conn {
+ apr_pool_t *parent;
+ gss_ctx_id_t ctx;
+ bool established;
+ const char *user_name;
+ const char *gss_name;
+ time_t expiration;
+ int auth_type;
+ bool delegated;
};
};
+#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))