Feature #2967 » 0001-mod_authn_gssapi-allow-authentication-without-delega.patch
| src/mod_authn_gssapi.c | ||
|---|---|---|
| 421 | 421 |
goto end; |
| 422 | 422 |
} |
| 423 | 423 | |
| 424 |
if (!(acc_flags & GSS_C_DELEG_FLAG)) {
|
|
| 425 |
log_error_write(srv, __FILE__, __LINE__, "ss", "Unable to delegate credentials for user:", token_out.value); |
|
| 426 |
goto end; |
|
| 427 |
} |
|
| 428 | ||
| 429 | 424 |
/* check the allow-rules */ |
| 430 |
if (!http_auth_match_rules(require, token_out.value, NULL, NULL)) {
|
|
| 425 |
ret = http_auth_match_rules(require, token_out.value, NULL, NULL); |
|
| 426 | ||
| 427 |
if (!ret) |
|
| 431 | 428 |
goto end; |
| 432 |
} |
|
| 433 | 429 | |
| 434 |
ret = mod_authn_gssapi_store_gss_creds(srv, con, p, token_out.value, client_cred); |
|
| 435 |
if (ret) |
|
| 436 |
http_auth_setenv(con, token_out.value, token_out.length, CONST_STR_LEN("GSSAPI"));
|
|
| 430 |
http_auth_setenv(con, token_out.value, token_out.length, CONST_STR_LEN("GSSAPI"));
|
|
| 431 | ||
| 432 |
/* store delegated credentials */ |
|
| 433 |
if (acc_flags & GSS_C_DELEG_FLAG) |
|
| 434 |
if (!(mod_authn_gssapi_store_gss_creds(srv, con, p, token_out.value, client_cred))) |
|
| 435 |
log_error_write(srv, __FILE__, __LINE__, "ss", "Unable to store delegated credentials for user:", token_out.value); |
|
| 437 | 436 | |
| 438 | 437 |
end: |
| 439 | 438 |
buffer_free(t_in); |