|
|
|
@ -334,7 +334,6 @@ static handler_t mod_authn_gssapi_check_spnego(server *srv, connection *con, plu |
|
|
|
|
|
|
|
/*(future: might modify http_auth_scheme_t to store (void *)p_d
|
|
|
|
* and pass to checkfn, similar to http_auth_backend_t) */ |
|
|
|
buffer *ktname; |
|
|
|
buffer *sprinc; |
|
|
|
int ret = 0; |
|
|
|
|
|
|
|
@ -347,15 +346,18 @@ static handler_t mod_authn_gssapi_check_spnego(server *srv, connection *con, plu |
|
|
|
|
|
|
|
mod_authn_gssapi_patch_connection(srv, con, p); |
|
|
|
|
|
|
|
/* ??? Should code = krb5_kt_resolve(kcontext, p->conf.auth_gssapi_keytab->ptr, &keytab);
|
|
|
|
* be used, instead of putenv() of KRB5_KTNAME=...? See mod_authn_gssapi_basic() */ |
|
|
|
/* ??? Should KRB5_KTNAME go into con->environment instead ??? */ |
|
|
|
/* ??? Should KRB5_KTNAME be added to mod_authn_gssapi_basic(), too? */ |
|
|
|
ktname = buffer_init_string("KRB5_KTNAME="); |
|
|
|
buffer_append_string_buffer(ktname, p->conf.auth_gssapi_keytab); |
|
|
|
putenv(ktname->ptr); |
|
|
|
/* ktname becomes part of the environment, do not free */ |
|
|
|
/* buffer_free(ktname); */ |
|
|
|
{ |
|
|
|
/* ??? Should code = krb5_kt_resolve(kcontext, p->conf.auth_gssapi_keytab->ptr, &keytab);
|
|
|
|
* be used, instead of putenv() of KRB5_KTNAME=...? See mod_authn_gssapi_basic() */ |
|
|
|
/* ??? Should KRB5_KTNAME go into con->environment instead ??? */ |
|
|
|
/* ??? Should KRB5_KTNAME be added to mod_authn_gssapi_basic(), too? */ |
|
|
|
buffer ktname; |
|
|
|
memset(&ktname, 0, sizeof(ktname)); |
|
|
|
buffer_copy_string(&ktname, "KRB5_KTNAME="); |
|
|
|
buffer_append_string_buffer(&ktname, p->conf.auth_gssapi_keytab); |
|
|
|
putenv(ktname.ptr); |
|
|
|
/* ktname.ptr becomes part of the environment, do not free */ |
|
|
|
} |
|
|
|
|
|
|
|
sprinc = buffer_init_buffer(p->conf.auth_gssapi_principal); |
|
|
|
if (strchr(sprinc->ptr, '/') == NULL) { |
|
|
|
|
