diff options
author | Stefan Metzmacher <metze@samba.org> | 2012-01-26 17:32:12 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-05-17 20:04:31 +0200 |
commit | 9ec866fb6cdb672b2a7cb882510e7abd80679491 (patch) | |
tree | f6d4fec8e4e78e3e9c5491903ba1c25666039ef6 | |
parent | ff700acdd04b2a3e01d125a616571479410e9657 (diff) | |
download | samba-9ec866fb6cdb672b2a7cb882510e7abd80679491.tar.gz samba-9ec866fb6cdb672b2a7cb882510e7abd80679491.tar.bz2 samba-9ec866fb6cdb672b2a7cb882510e7abd80679491.zip |
s3:gse: remember the expire time
metze
-rw-r--r-- | source3/librpc/crypto/gse.c | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c index a9c9c47410..64ae97720f 100644 --- a/source3/librpc/crypto/gse.c +++ b/source3/librpc/crypto/gse.c @@ -44,6 +44,8 @@ struct gse_context { gss_cred_id_t delegated_cred_handle; + NTTIME expire_time; + /* gensec_gse only */ krb5_context k5ctx; krb5_ccache ccache; @@ -290,6 +292,8 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx, gss_buffer_desc out_data; DATA_BLOB blob = data_blob_null; NTSTATUS status; + OM_uint32 time_rec = 0; + struct timeval tv; in_data.value = token_in->data; in_data.length = token_in->length; @@ -302,10 +306,13 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx, gse_ctx->gss_want_flags, 0, GSS_C_NO_CHANNEL_BINDINGS, &in_data, NULL, &out_data, - &gse_ctx->gss_got_flags, NULL); + &gse_ctx->gss_got_flags, &time_rec); switch (gss_maj) { case GSS_S_COMPLETE: /* we are done with it */ + tv = timeval_current_ofs(time_rec, 0); + gse_ctx->expire_time = timeval_to_nttime(&tv); + status = NT_STATUS_OK; break; case GSS_S_CONTINUE_NEEDED: @@ -439,6 +446,8 @@ static NTSTATUS gse_get_server_auth_token(TALLOC_CTX *mem_ctx, gss_buffer_desc out_data; DATA_BLOB blob = data_blob_null; NTSTATUS status; + OM_uint32 time_rec = 0; + struct timeval tv; in_data.value = token_in->data; in_data.length = token_in->length; @@ -451,11 +460,15 @@ static NTSTATUS gse_get_server_auth_token(TALLOC_CTX *mem_ctx, &gse_ctx->client_name, &gse_ctx->ret_mech, &out_data, - &gse_ctx->gss_got_flags, NULL, + &gse_ctx->gss_got_flags, + &time_rec, &gse_ctx->delegated_cred_handle); switch (gss_maj) { case GSS_S_COMPLETE: /* we are done with it */ + tv = timeval_current_ofs(time_rec, 0); + gse_ctx->expire_time = timeval_to_nttime(&tv); + status = NT_STATUS_OK; break; case GSS_S_CONTINUE_NEEDED: |