HEIMDAL:lib/gssapi/krb5: add GSS_KRB5_CRED_ITERATE_ACCEPTOR_KEYTAB_X

[metze/samba/wip.git] / third_party / heimdal / lib / gssapi / krb5 / set_cred_option.c

diff --git a/third_party/heimdal/lib/gssapi/krb5/set_cred_option.c b/third_party/heimdal/lib/gssapi/krb5/set_cred_option.c
index 77cb6de8a65224af1774fc16835dcaccf991c506..4e95cb5a4e7bad3fdc4ccf366550e33b5e1aa763 100644 (file)
--- a/third_party/heimdal/lib/gssapi/krb5/set_cred_option.c
+++ b/third_party/heimdal/lib/gssapi/krb5/set_cred_option.c
@@ -216,6 +216,25 @@ no_ci_flags(OM_uint32 *minor_status,
 
 }
 
+static OM_uint32
+iterate_acceptor_keytab(OM_uint32 *minor_status,
+                       krb5_context context,
+                       gss_cred_id_t *cred_handle,
+                       const gss_buffer_t value)
+{
+    gsskrb5_cred cred;
+
+    if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) {
+       *minor_status = 0;
+       return GSS_S_FAILURE;
+    }
+
+    cred = (gsskrb5_cred)*cred_handle;
+    cred->cred_flags |= GSS_CF_ITERATE_ACCEPTOR_KEYTAB;
+
+    *minor_status = 0;
+    return GSS_S_COMPLETE;
+}
 
 static OM_uint32
 skip_transit_check(OM_uint32 *minor_status,
@@ -267,6 +286,10 @@ _gsskrb5_set_cred_option
        return skip_transit_check(minor_status, context, cred_handle, value);
     }
 
+    if (gss_oid_equal(desired_object, GSS_KRB5_CRED_ITERATE_ACCEPTOR_KEYTAB_X)) {
+       return iterate_acceptor_keytab(minor_status, context, cred_handle, value);
+    }
+
     *minor_status = EINVAL;
     return GSS_S_FAILURE;
 }