summaryrefslogtreecommitdiff
path: root/source3/librpc/crypto
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-01-26 17:32:12 +0100
committerStefan Metzmacher <metze@samba.org>2012-05-17 20:04:31 +0200
commit9ec866fb6cdb672b2a7cb882510e7abd80679491 (patch)
treef6d4fec8e4e78e3e9c5491903ba1c25666039ef6 /source3/librpc/crypto
parentff700acdd04b2a3e01d125a616571479410e9657 (diff)
downloadsamba-9ec866fb6cdb672b2a7cb882510e7abd80679491.tar.gz
samba-9ec866fb6cdb672b2a7cb882510e7abd80679491.tar.bz2
samba-9ec866fb6cdb672b2a7cb882510e7abd80679491.zip
s3:gse: remember the expire time
metze
Diffstat (limited to 'source3/librpc/crypto')
-rw-r--r--source3/librpc/crypto/gse.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c
index a9c9c47410..64ae97720f 100644
--- a/source3/librpc/crypto/gse.c
+++ b/source3/librpc/crypto/gse.c
@@ -44,6 +44,8 @@ struct gse_context {
gss_cred_id_t delegated_cred_handle;
+ NTTIME expire_time;
+
/* gensec_gse only */
krb5_context k5ctx;
krb5_ccache ccache;
@@ -290,6 +292,8 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
gss_buffer_desc out_data;
DATA_BLOB blob = data_blob_null;
NTSTATUS status;
+ OM_uint32 time_rec = 0;
+ struct timeval tv;
in_data.value = token_in->data;
in_data.length = token_in->length;
@@ -302,10 +306,13 @@ static NTSTATUS gse_get_client_auth_token(TALLOC_CTX *mem_ctx,
gse_ctx->gss_want_flags,
0, GSS_C_NO_CHANNEL_BINDINGS,
&in_data, NULL, &out_data,
- &gse_ctx->gss_got_flags, NULL);
+ &gse_ctx->gss_got_flags, &time_rec);
switch (gss_maj) {
case GSS_S_COMPLETE:
/* we are done with it */
+ tv = timeval_current_ofs(time_rec, 0);
+ gse_ctx->expire_time = timeval_to_nttime(&tv);
+
status = NT_STATUS_OK;
break;
case GSS_S_CONTINUE_NEEDED:
@@ -439,6 +446,8 @@ static NTSTATUS gse_get_server_auth_token(TALLOC_CTX *mem_ctx,
gss_buffer_desc out_data;
DATA_BLOB blob = data_blob_null;
NTSTATUS status;
+ OM_uint32 time_rec = 0;
+ struct timeval tv;
in_data.value = token_in->data;
in_data.length = token_in->length;
@@ -451,11 +460,15 @@ static NTSTATUS gse_get_server_auth_token(TALLOC_CTX *mem_ctx,
&gse_ctx->client_name,
&gse_ctx->ret_mech,
&out_data,
- &gse_ctx->gss_got_flags, NULL,
+ &gse_ctx->gss_got_flags,
+ &time_rec,
&gse_ctx->delegated_cred_handle);
switch (gss_maj) {
case GSS_S_COMPLETE:
/* we are done with it */
+ tv = timeval_current_ofs(time_rec, 0);
+ gse_ctx->expire_time = timeval_to_nttime(&tv);
+
status = NT_STATUS_OK;
break;
case GSS_S_CONTINUE_NEEDED: