cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] A new option CURLOPT_GSSAPI_DELEGATION

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Sun, 31 Jul 2011 17:28:10 +0200

On Wednesday 27 July 2011 18:43:41 Julien Chaffraix wrote:
> On Mon, Jul 25, 2011 at 3:28 AM, Kamil Dudka <kdudka_at_redhat.com> wrote:
> > On Fri July 22 2011 20:07:06 Daniel Stenberg wrote:
> >> Richard Silverman commented the following, which I believe didn't make
> >> it through to the list:
> >>
> >> ----
> >>
> >> At least in the MIT Kerberos GSSAPI implementation, if you set
> >> GSS_C_DELEG_POLICY_FLAG for gss_init_sec_context(), it will delegate if
> >> and only if the OK-AS-DELEGATE flag is set in the service ticket.  So, I
> >> propose three options for curl behavior:
> >>
> >> 1) no delegation (default)
> >> 2) delegate, but only if the ticket has OK-AS-DELEGATE
> >> 3) unconditional delegation
> >>
> >> ----
> >
> > Richard's proposal is now reflected in my incremental patch.  I am
> > attaching both patches to be applied.  CURLOPT_GSSAPI_DELEGATION now
> > takes values 0..2, 0 means 'no delegation' (default), 1 means 'delegate,
> > but only if the ticket has OK-AS-DELEGATE' as long as this is supported
> > by the GSSAPI implementation (otherwise equal to 0), and 2 means
> > 'unconditional delegation'.
>
> Just a couple of nits but it looks good to me. I guess Richard should
> be the one to weight in if he feels this meets his needs.

Richard, are you still around? Could you please have a look at the latest
version of the patch? Does it meet your needs? Thanks in advance!

http://thread.gmane.org/gmane.comp.web.curl.library/32355/focus=32419

Kamil

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-07-31