summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-03-02 22:02:36 +0100
committerStefan Metzmacher <metze@samba.org>2012-05-17 20:04:31 +0200
commit943cb79596e2823f166bc6a59d40008afa187b7a (patch)
treea0a429c130067878e71e7ca4d4f674bbc9f202ad
parent9ec866fb6cdb672b2a7cb882510e7abd80679491 (diff)
downloadsamba-943cb79596e2823f166bc6a59d40008afa187b7a.tar.gz
samba-943cb79596e2823f166bc6a59d40008afa187b7a.tar.bz2
samba-943cb79596e2823f166bc6a59d40008afa187b7a.zip
s4:auth/gensec_gssapi: remember the expire time
metze
-rw-r--r--source4/auth/gensec/gensec_gssapi.c10
-rw-r--r--source4/auth/gensec/gensec_gssapi.h1
2 files changed, 9 insertions, 2 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 31964731d5..fedd1c831c 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -415,6 +415,9 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
OM_uint32 min_stat2;
gss_buffer_desc input_token, output_token;
gss_OID gss_oid_p = NULL;
+ OM_uint32 time_rec = 0;
+ struct timeval tv;
+
input_token.length = in.length;
input_token.value = in.data;
@@ -455,7 +458,7 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
&gss_oid_p,
&output_token,
&gensec_gssapi_state->gss_got_flags, /* ret flags */
- NULL);
+ &time_rec);
if (gss_oid_p) {
gensec_gssapi_state->gss_oid = gss_oid_p;
}
@@ -484,7 +487,7 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
&gss_oid_p,
&output_token,
&gensec_gssapi_state->gss_got_flags,
- NULL,
+ &time_rec,
&gensec_gssapi_state->delegated_cred_handle);
if (gss_oid_p) {
gensec_gssapi_state->gss_oid = gss_oid_p;
@@ -508,6 +511,9 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
DEBUG(5, ("gensec_gssapi: NO credentials were delegated\n"));
}
+ tv = timeval_current_ofs(time_rec, 0);
+ gensec_gssapi_state->expire_time = timeval_to_nttime(&tv);
+
/* We may have been invoked as SASL, so there
* is more work to do */
if (gensec_gssapi_state->sasl) {
diff --git a/source4/auth/gensec/gensec_gssapi.h b/source4/auth/gensec/gensec_gssapi.h
index 569d787f7f..b7429b5f48 100644
--- a/source4/auth/gensec/gensec_gssapi.h
+++ b/source4/auth/gensec/gensec_gssapi.h
@@ -43,6 +43,7 @@ struct gensec_gssapi_state {
gss_cred_id_t delegated_cred_handle;
+ NTTIME expire_time;
/* gensec_gssapi only */
gss_krb5_lucid_context_v1_t *lucid;