Feature #2967 » 0001-mod_authn_gssapi-allow-authentication-without-delega.patch
src/mod_authn_gssapi.c | ||
---|---|---|
421 | 421 |
goto end; |
422 | 422 |
} |
423 | 423 | |
424 |
if (!(acc_flags & GSS_C_DELEG_FLAG)) { |
|
425 |
log_error_write(srv, __FILE__, __LINE__, "ss", "Unable to delegate credentials for user:", token_out.value); |
|
426 |
goto end; |
|
427 |
} |
|
428 | ||
429 | 424 |
/* check the allow-rules */ |
430 |
if (!http_auth_match_rules(require, token_out.value, NULL, NULL)) { |
|
425 |
ret = http_auth_match_rules(require, token_out.value, NULL, NULL); |
|
426 | ||
427 |
if (!ret) |
|
431 | 428 |
goto end; |
432 |
} |
|
433 | 429 | |
434 |
ret = mod_authn_gssapi_store_gss_creds(srv, con, p, token_out.value, client_cred); |
|
435 |
if (ret) |
|
436 |
http_auth_setenv(con, token_out.value, token_out.length, CONST_STR_LEN("GSSAPI")); |
|
430 |
http_auth_setenv(con, token_out.value, token_out.length, CONST_STR_LEN("GSSAPI")); |
|
431 | ||
432 |
/* store delegated credentials */ |
|
433 |
if (acc_flags & GSS_C_DELEG_FLAG) |
|
434 |
if (!(mod_authn_gssapi_store_gss_creds(srv, con, p, token_out.value, client_cred))) |
|
435 |
log_error_write(srv, __FILE__, __LINE__, "ss", "Unable to store delegated credentials for user:", token_out.value); |
|
437 | 436 | |
438 | 437 |
end: |
439 | 438 |
buffer_free(t_in); |