rpms/mod_auth_kerb/FC-5 mod_auth_kerb-5.3-cache.patch,NONE,1.1
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Nov 23 15:16:21 UTC 2006
- Previous message (by thread): rpms/mod_auth_kerb/FC-5 .cvsignore, 1.3, 1.4 mod_auth_kerb-5.0-exports.patch, 1.1, 1.2 mod_auth_kerb.spec, 1.11, 1.12 sources, 1.3, 1.4 mod_auth_kerb-5.0-apr1x.patch, 1.1, NONE mod_auth_kerb-5.0-cache.patch, 1.2, NONE mod_auth_kerb-5.0-gcc4.patch, 1.1, NONE
- Next message (by thread): rpms/vnc/devel vnc-render.patch,1.13,1.14 vnc.spec,1.155,1.156
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jorton
Update of /cvs/dist/rpms/mod_auth_kerb/FC-5
In directory cvs.devel.redhat.com:/tmp/cvs-serv7645
Added Files:
mod_auth_kerb-5.3-cache.patch
Log Message:
- add missing patch
mod_auth_kerb-5.3-cache.patch:
mod_auth_kerb.c | 45 +++++++++++++++++++++++++++++----------------
1 files changed, 29 insertions(+), 16 deletions(-)
--- NEW FILE mod_auth_kerb-5.3-cache.patch ---
--- mod_auth_kerb-5.3/src/mod_auth_kerb.c.cache
+++ mod_auth_kerb-5.3/src/mod_auth_kerb.c
@@ -85,6 +85,8 @@
#define snprintf _snprintf
#endif
+#include <unistd.h>
+
#ifdef KRB5
#include <krb5.h>
#ifdef HEIMDAL
@@ -1239,6 +1241,8 @@
return memcmp(p, oid->elements, oid->length);
}
+#define NAMEKEY "mod_auth_kerb:client_name"
+
static int
authenticate_user_gss(request_rec *r, kerb_auth_config *conf,
const char *auth_line, char **negotiate_ret_value)
@@ -1390,6 +1394,14 @@
MK_AUTH_TYPE = MECH_NEGOTIATE;
MK_USER = apr_pstrdup(r->pool, output_token.value);
+#ifndef APXS1
+ {
+ apr_status_t rv;
+ rv = apr_pool_userdata_set(r->user, NAMEKEY, NULL, r->connection->pool);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r,
+ "set cached name %s for connection", r->user);
+ }
+#endif
if (conf->krb_save_credentials && delegated_cred != GSS_C_NO_CREDENTIAL)
store_gss_creds(r, conf, (char *)output_token.value, delegated_cred);
@@ -1418,17 +1430,6 @@
}
#endif /* KRB5 */
-static int
-already_succeeded(request_rec *r)
-{
- if (ap_is_initial_req(r) || MK_AUTH_TYPE == NULL)
- return 0;
- if (strcmp(MK_AUTH_TYPE, MECH_NEGOTIATE) ||
- (strcmp(MK_AUTH_TYPE, "Basic") && strchr(MK_USER, '@')))
- return 1;
- return 0;
-}
-
static void
set_kerb_auth_headers(request_rec *r, const kerb_auth_config *conf,
int use_krb4, int use_krb5pwd, char *negotiate_ret_value)
@@ -1476,7 +1477,6 @@
const char *type = NULL;
int use_krb5 = 0, use_krb4 = 0;
int ret;
- static int last_return = HTTP_UNAUTHORIZED;
char *negotiate_ret_value = NULL;
/* get the type specified in .htaccess */
@@ -1505,6 +1505,23 @@
}
#endif
+#ifndef APXS1
+ if (use_krb5 && conf->krb_method_gssapi) {
+ void *data = NULL;
+ const char *name;
+
+ if (apr_pool_userdata_get(&data, NAMEKEY, r->connection->pool) == APR_SUCCESS
+ && data != NULL) {
+ name = data;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "using cached name %s", name);
+ r->user = apr_pstrdup(r->pool, name);
+ r->ap_auth_type = "Negotiate";
+ return OK;
+ }
+ }
+#endif
+
/* get what the user sent us in the HTTP header */
auth_line = MK_TABLE_GET(r->headers_in, (r->proxyreq == PROXYREQ_PROXY)
? "Proxy-Authorization"
@@ -1527,9 +1544,6 @@
(strcasecmp(auth_type, "Basic") == 0))
return DECLINED;
- if (already_succeeded(r))
- return last_return;
-
ret = HTTP_UNAUTHORIZED;
#ifdef KRB5
@@ -1553,7 +1567,6 @@
/* XXX log_debug: if ret==OK, log(user XY authenticated) */
- last_return = ret;
return ret;
}
- Previous message (by thread): rpms/mod_auth_kerb/FC-5 .cvsignore, 1.3, 1.4 mod_auth_kerb-5.0-exports.patch, 1.1, 1.2 mod_auth_kerb.spec, 1.11, 1.12 sources, 1.3, 1.4 mod_auth_kerb-5.0-apr1x.patch, 1.1, NONE mod_auth_kerb-5.0-cache.patch, 1.2, NONE mod_auth_kerb-5.0-gcc4.patch, 1.1, NONE
- Next message (by thread): rpms/vnc/devel vnc-render.patch,1.13,1.14 vnc.spec,1.155,1.156
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list