DEFS = -DHAVE_SYS_TYPES_H -DHAVE_UNISTD_H -DHAVE_SYS_SOCKET_H -DHAVE_NETINET_IN_H -DHAVE_NETDB_H -DHAVE_SYS_PARAM_H \
-D_GNU_SOURCE
CPPFLAGS = $(DEFS) -Wall -O0 -g
-LDFLAGS = -lgssapi_krb5
+LDFLAGS = -L/usr/local/lib -lgssapi_krb5
HTTP_OBJS = http_client.o gss_common.o base64.o net_write.o net_read.o
if (h == NULL)
errx(1, "Got %s but missed `WWW-Authenticate'", req.response);
- if (strncasecmp(h, "GSSAPI", 6) == 0) {
+ if (strncasecmp(h, "Negotiate", 9) == 0) {
OM_uint32 maj_stat, min_stat;
gss_buffer_desc input_token, output_token;
}
#endif
-// i = 9;
- i = 6;
+ i = 9;
while(h[i] && isspace((unsigned char)h[i]))
i++;
if (h[i] != '\0') {
output_token.length,
&neg_token);
- asprintf(&headers[0], "Authorization: GSSAPI %s",
+ asprintf(&headers[0], "Authorization: Negotiate %s",
neg_token);
num_headers = 1;
free(neg_token);
&cred, NULL, NULL);
if (GSS_ERROR(maj_stat))
gss_err(1, maj_stat, min_stat, "Failed to load initial credentials");
+ } else {
+ gss_OID_set_desc mechs, *mechsp = GSS_C_NO_OID_SET;
+
+ mechs.elements = mech_oid;
+ mechs.count = 1;
+ mechsp = &mechs;
+ maj_stat = gss_acquire_cred(&min_stat,
+ gss_username, 0,
+ mechsp, GSS_C_INITIATE,
+ &cred, NULL, NULL);
+ if (GSS_ERROR(maj_stat))
+ gss_err(1, maj_stat, min_stat, "Failed to load initial credentials");
}
ret = do_http(host, page, mech_oid, cred);
-/* Define to the version of this package. */
-/* Conflicts with defintions from Apache */
-/* #undef PACKAGE_VERSION */
-
-/* Define to `unsigned' if <sys/types.h> does not define. */
-#undef size_t
+/* config.h.in. Generated from configure.in by autoheader. */
-/* Define if your GSSAPI library supports handling SPNEGO tokens */
+/* GSS-API implementation has its own SPNEGO */
#undef GSSAPI_SUPPORTS_SPNEGO
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
+/* Define to 1 if you have the <gssapi/gssapi.h> header file. */
+#undef HAVE_GSSAPI_GSSAPI_H
+
+/* Define to 1 if you have the <gssapi.h> header file. */
+#undef HAVE_GSSAPI_H
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H
+
+/* Define to 1 if you have the <limits.h> header file. */
+#undef HAVE_LIMITS_H
+
+/* Define to 1 if you have the <memory.h> header file. */
+#undef HAVE_MEMORY_H
+
+/* Define to 1 if you have the <netdb.h> header file. */
+#undef HAVE_NETDB_H
+
+/* Define to 1 if you have the <stddef.h> header file. */
+#undef HAVE_STDDEF_H
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#undef HAVE_STDLIB_H
+
+/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H
+
+/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#undef HAVE_UNISTD_H
+
+/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT
+
+/* Define to the full name of this package. */
+#undef PACKAGE_NAME
+
+/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING
+
+/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME
+
+/* Define to the home page for this package. */
+#undef PACKAGE_URL
+
+/* Define to the version of this package. */
+#undef PACKAGE_VERSION
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* Define to 1 if your <sys/time.h> declares `struct tm'. */
+#undef TM_IN_SYS_TIME
+
+/* Define to `unsigned int' if <sys/types.h> does not define. */
+#undef size_t
if (negotiate_ret_value == NULL)
return;
- negoauth_param = (*negotiate_ret_value == '\0') ? "GSSAPI" :
- apr_pstrcat(r->pool, "GSSAPI ", negotiate_ret_value, NULL);
+ negoauth_param = (*negotiate_ret_value == '\0') ? "Negotiate" :
+ apr_pstrcat(r->pool, "Negotiate ", negotiate_ret_value, NULL);
apr_table_add(r->err_headers_out, header_name, negoauth_param);
}
/* get the type specified in Apache configuration */
type = ap_auth_type(r);
- if (type == NULL || strcmp(type, "GSSAPI") != 0) {
+ if (type == NULL || strcmp(type, "Negotiate") != 0) {
gss_log(APLOG_MARK, APLOG_DEBUG, 0, r,
"AuthType '%s' is not for us, bailing out",
(type) ? type : "(NULL)");
}
auth_type = ap_getword_white(r->pool, &auth_line);
- if (strcasecmp(auth_type, "GSSAPI") != 0) {
+ if (strcasecmp(auth_type, "Negotiate") != 0) {
gss_log(APLOG_MARK, APLOG_DEBUG, 0, r,
"Unsupported authentication type (%s) requested by client",
(auth_type) ? auth_type : "(NULL)");
/* optimizing hack */
if (conn_ctx->state == GSS_CTX_ESTABLISHED && auth_line == NULL) {
r->user = apr_pstrdup(r->pool, conn_ctx->user);
- r->ap_auth_type = "GSSAPI";
+ r->ap_auth_type = "Negotiate";
return OK;
}
/* XXXX subrequests ignored, only successful accesses taken into account! */
if (!ap_is_initial_req(r) && conn_ctx->state == GSS_CTX_ESTABLISHED) {
r->user = apr_pstrdup(r->pool, conn_ctx->user);
- r->ap_auth_type = "GSSAPI";
+ r->ap_auth_type = "Negotiate";
return OK;
}
if (ret == OK) {
r->user = apr_pstrdup(r->pool, conn_ctx->user);
- r->ap_auth_type = "GSSAPI";
+ r->ap_auth_type = "Negotiate";
}
/* debug LOG ??? */