TODO s3:gse: gensec_gssapi", "requested_life_time

diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c
index bcda8de896f5cadbb6d839da6501e22b059be3fd..3a8a4037077773947e6c607bc5c9c0e3cdc2adb5 100644 (file)
--- a/source3/librpc/crypto/gse.c
+++ b/source3/librpc/crypto/gse.c
@@ -342,6 +342,7 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
        gss_buffer_desc out_data;
        DATA_BLOB blob = data_blob_null;
        NTSTATUS status;
+       OM_uint32 time_req = 0;
        OM_uint32 time_rec = 0;
        struct timeval tv;
        struct cli_credentials *cli_creds = gensec_get_credentials(gensec_security);
@@ -353,6 +354,10 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
        char *server_realm = NULL;
        bool fallback = false;
 
+       time_req = gensec_setting_int(gensec_security->settings,
+                                     "gensec_gssapi", "requested_life_time",
+                                     time_req);
+
        in_data.value = token_in->data;
        in_data.length = token_in->length;
 
@@ -476,7 +481,7 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
                                        gse_ctx->server_name,
                                        &gse_ctx->gss_mech,
                                        gse_ctx->gss_want_flags,
-                                       0, GSS_C_NO_CHANNEL_BINDINGS,
+                                       time_req, GSS_C_NO_CHANNEL_BINDINGS,
                                        &in_data, NULL, &out_data,
                                        &gse_ctx->gss_got_flags, &time_rec);
        goto init_sec_context_done;