projects
/
mod_auth_kerb.cvs
/
.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
176dc31
)
added auth name to local name mapping. Tickets [1957143], [1303627], [2013838 ],...
author
baalberith
<baalberith>
Fri, 8 Aug 2008 11:56:55 +0000
(11:56 +0000)
committer
baalberith
<baalberith>
Fri, 8 Aug 2008 11:56:55 +0000
(11:56 +0000)
src/mod_auth_kerb.c
patch
|
blob
|
history
diff --git
a/src/mod_auth_kerb.c
b/src/mod_auth_kerb.c
index
1fb4603
..
b120a09
100644
(file)
--- a/
src/mod_auth_kerb.c
+++ b/
src/mod_auth_kerb.c
@@
-165,6
+165,7
@@
typedef struct {
char *krb_5_keytab;
int krb_method_gssapi;
int krb_method_k5pass;
char *krb_5_keytab;
int krb_method_gssapi;
int krb_method_k5pass;
+ int krb5_do_auth_to_local;
#endif
#ifdef KRB4
char *krb_4_srvtab;
#endif
#ifdef KRB4
char *krb_4_srvtab;
@@
-227,6
+228,9
@@
static const command_rec kerb_auth_cmds[] = {
command("KrbMethodK5Passwd", ap_set_flag_slot, krb_method_k5pass,
FLAG, "Enable Kerberos V5 password authentication."),
command("KrbMethodK5Passwd", ap_set_flag_slot, krb_method_k5pass,
FLAG, "Enable Kerberos V5 password authentication."),
+
+ command("Krb5TrimRealm", ap_set_flag_slot, krb5_do_auth_to_local,
+ FLAG, "Set to 'on' to have Kerberos do auth_to_local mapping of principal names to system user names."),
#endif
#ifdef KRB4
#endif
#ifdef KRB4
@@
-303,6
+307,10
@@
const krb5_rc_ops_internal mod_auth_kerb_rc_ops = {
};
#endif
};
#endif
+/***************************************************************************
+ Macro To Control krb5_aname_to_localname buffer size
+ ***************************************************************************/
+#define AN_TO_LN_BUFFSIZE_MAX 1024
/***************************************************************************
Auth Configuration Initialization
/***************************************************************************
Auth Configuration Initialization
@@
-320,6
+328,7
@@
static void *kerb_dir_create_config(MK_POOL *p, char *d)
((kerb_auth_config *)rec)->krb_ssl_preauthentication = 0;
#endif
#ifdef KRB5
((kerb_auth_config *)rec)->krb_ssl_preauthentication = 0;
#endif
#ifdef KRB5
+ ((kerb_auth_config *)rec)->krb5_do_auth_to_local = 0;
((kerb_auth_config *)rec)->krb_method_k5pass = 1;
((kerb_auth_config *)rec)->krb_method_gssapi = 1;
#endif
((kerb_auth_config *)rec)->krb_method_k5pass = 1;
((kerb_auth_config *)rec)->krb_method_gssapi = 1;
#endif
@@
-1012,7
+1021,10
@@
authenticate_user_krb5pwd(request_rec *r,
if (conf->krb_save_credentials)
store_krb5_creds(kcontext, r, conf, ccache);
if (conf->krb_save_credentials)
store_krb5_creds(kcontext, r, conf, ccache);
-
+
+ if (conf->krb5_do_auth_to_local) {
+ krb5_aname_to_localname(kcontext, client, AN_TO_LN_BUFFSIZE_MAX, MK_USER);
+ }
ret = OK;
end:
ret = OK;
end: