[PATCH] make use of "gensec_gssapi:requested_life_time" in s3/gse
Jeremy Allison
jra at samba.org
Fri Mar 16 00:01:46 UTC 2018
On Thu, Mar 15, 2018 at 09:42:08AM +0100, Ralph Böhme via samba-technical wrote:
> Hi!
>
> Attached is a simple patch to make use of use
> "gensec_gssapi:requested_life_time" in source3/gse similar to what is already in
> source3.
>
> Please review&push if ok.
LGTM. RB+ and pushed.
Jeremy.
> --
> Ralph Boehme, Samba Team https://samba.org/
> Samba Developer, SerNet GmbH https://sernet.de/en/samba/
> GPG Key Fingerprint: FAE2 C608 8A24 2520 51C5
> 59E4 AA1E 9B71 2639 9E46
> From e4b4258a2ef90640391c52822d5725824854fedc Mon Sep 17 00:00:00 2001
> From: Ralph Boehme <slow at samba.org>
> Date: Wed, 7 Mar 2018 12:52:15 +0100
> Subject: [PATCH] s3: gse: use "gensec_gssapi:requested_life_time"
>
> Signed-off-by: Ralph Boehme <slow at samba.org>
> ---
> source3/librpc/crypto/gse.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c
> index 5cb664710ef..70e29c27923 100644
> --- a/source3/librpc/crypto/gse.c
> +++ b/source3/librpc/crypto/gse.c
> @@ -352,6 +352,12 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
> char *server_principal = NULL;
> char *server_realm = NULL;
> bool fallback = false;
> + OM_uint32 time_req = 0;
> +
> + time_req = gensec_setting_int(gensec_security->settings,
> + "gensec_gssapi",
> + "requested_life_time",
> + time_req);
>
> in_data.value = token_in->data;
> in_data.length = token_in->length;
> @@ -419,7 +425,7 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
> gse_ctx->server_name,
> &gse_ctx->gss_mech,
> gse_ctx->gss_want_flags,
> - 0,
> + time_req,
> GSS_C_NO_CHANNEL_BINDINGS,
> &in_data,
> NULL,
> @@ -476,7 +482,7 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
> gse_ctx->server_name,
> &gse_ctx->gss_mech,
> gse_ctx->gss_want_flags,
> - 0, GSS_C_NO_CHANNEL_BINDINGS,
> + time_req, GSS_C_NO_CHANNEL_BINDINGS,
> &in_data, NULL, &out_data,
> &gse_ctx->gss_got_flags, &time_rec);
> goto init_sec_context_done;
> --
> 2.13.6
>
More information about the samba-technical
mailing list