search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: a7359d6) | patch
krb5: Improve cccol sub naming; add gss_store_cred_into2()
commit7bf4d76e75e904dd65a0fbb90c9cad981245f714
authorNicolas Williams <nico@twosigma.com>
Thu, 23 Jan 2020 01:18:14 +0000 (22 19:18 -0600)
committerNicolas Williams <nico@twosigma.com>
Mon, 2 Mar 2020 23:48:04 +0000 (2 17:48 -0600)
treec090bc4abe87dab946dd6797538eb0ba4cfa7099tree | snapshot (tar.gz zip)
parenta7359d689809263ef844f899c782b58e21e8165dcommit | diff
krb5: Improve cccol sub naming; add gss_store_cred_into2()

 - Formalize the TYPE:collection_name:subsidiary_name naming scheme for
   ccaches in ccache collections
    - KEYRING: ccaches are weird because they have one more optional field: the
      "anchor", so rather than just assume a naming convention everywhere, we
      add new functions as well
 - Add krb5_cc_{resolve,default}_sub() that allows one to specify a
   "subsidiary" ccache name in a collection separately from the
   collection name
 - Add krb5_cc_{resolve,default}_for() which take a principal name,
   unparse it, and use it as the subsidiary ccache name (with colons
   replaced)
 - Make kinit use the new interfaces
 - Add missing DIR ccache iteration functionality
 - Revamps test_cc
 - Add krb5_cc_get_collection() and krb5_cc_get_subsidiary()
 - Bump the ccops SPI version number
 - Add gss_store_cred_into2()
 - Make MEMORY:anonymous not linked into the global MEMORY ccache
   collection, and uses this for delegated cred handles

TBD:

 - Split this up into a krb5 change and gss mech_krb5 change?
 - Add krb5_cc_init_and_store() utility, per Greg's suggestion?
33 files changed:
kcm/glue.c diff | blob | blame | history
kuser/kinit.c diff | blob | blame | history
lib/gssapi/gssapi/gssapi.h diff | blob | blame | history
lib/gssapi/gssapi_mech.h diff | blob | blame | history
lib/gssapi/krb5/accept_sec_context.c diff | blob | blame | history
lib/gssapi/krb5/copy_ccache.c diff | blob | blame | history
lib/gssapi/krb5/external.c diff | blob | blame | history
lib/gssapi/krb5/set_cred_option.c diff | blob | blame | history
lib/gssapi/krb5/store_cred.c diff | blob | blame | history
lib/gssapi/libgssapi-exports.def diff | blob | blame | history
lib/gssapi/mech/gss_store_cred_into.c diff | blob | blame | history
lib/gssapi/ntlm/external.c diff | blob | blame | history
lib/gssapi/spnego/external.c diff | blob | blame | history
lib/gssapi/test_add_store_cred.c diff | blob | blame | history
lib/gssapi/version-script.map diff | blob | blame | history
lib/krb5/acache.c diff | blob | blame | history
lib/krb5/cache.c diff | blob | blame | history
lib/krb5/dcache.c diff | blob | blame | history
lib/krb5/fcache.c diff | blob | blame | history
lib/krb5/kcm.c diff | blob | blame | history
lib/krb5/krb5.h diff | blob | blame | history
lib/krb5/krcache.c diff | blob | blame | history
lib/krb5/libkrb5-exports.def.in diff | blob | blame | history
lib/krb5/mcache.c diff | blob | blame | history
lib/krb5/scache.c diff | blob | blame | history
lib/krb5/test_cc.c diff | blob | blame | history
lib/krb5/verify_krb5_conf.c diff | blob | blame | history
lib/krb5/version-script.map diff | blob | blame | history
tests/gss/check-basic.in diff | blob | blame | history
tests/gss/check-context.in diff | blob | blame | history
tests/kdc/Makefile.am diff | blob | blame | history
tests/kdc/check-cc.in diff | blob | blame | history
tests/kdc/krb5-cccol.conf.in [new file with mode: 0644] blob
Heimdal