Set KRB5CCNAME on follow up requests with session

[mod_auth_gssapi.git] / src / mod_auth_gssapi.h

diff --git a/src/mod_auth_gssapi.h b/src/mod_auth_gssapi.h
index 6a21254..97ba2c8 100644 (file)
--- a/src/mod_auth_gssapi.h
+++ b/src/mod_auth_gssapi.h
@@ -5,6 +5,8 @@
 #include <time.h>
 #include <gssapi/gssapi.h>
 #include <gssapi/gssapi_ext.h>
+#include <gssapi/gssapi_krb5.h>
+#include <gssapi/gssapi_ntlmssp.h>
 
 #define APR_WANT_STRFUNC
 #include "apr_want.h"
@@ -17,6 +19,7 @@
 #include <http_log.h>
 #include <http_request.h>
 #include <mod_session.h>
+#include <mod_ssl.h>
 
 /* apache's httpd.h drags in empty PACKAGE_* variables.
  * undefine them to avoid annoying compile warnings as they
@@ -33,14 +36,27 @@
 
 #define MIN_SESS_EXP_TIME 300 /* 5 minutes validity minimum */
 
+#ifdef HAVE_GSS_ACQUIRE_CRED_FROM
+#  ifdef HAVE_GSS_STORE_CRED_INTO
+#define HAVE_CRED_STORE 1
+#  endif
+#endif
+
 struct mag_config {
     apr_pool_t *pool;
     bool ssl_only;
     bool map_to_local;
     bool gss_conn_ctx;
+    bool send_persist;
     bool use_sessions;
-    gss_key_value_set_desc cred_store;
+#ifdef HAVE_CRED_STORE
+    bool use_s4u2proxy;
+    char *deleg_ccache_dir;
+    gss_key_value_set_desc *cred_store;
+#endif
     struct seal_key *mag_skey;
+    bool use_basic_auth;
+    gss_OID_set_desc *allowed_mechs;
 };
 
 struct mag_conn {
@@ -50,4 +66,8 @@ struct mag_conn {
     const char *user_name;
     const char *gss_name;
     time_t expiration;
+    int auth_type;
+    bool delegated;
 };
+
+#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))