OM_uint32 minor_status, /* Minor status code */
major_status; /* Major status code */
gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
- /* Output token */
- char *gss_service_name; /* GSS service name */
+ /* Output token */
+ _cups_globals_t *cg = _cupsGlobals(); /* Thread globals */
# ifdef __APPLE__
if (http->gssname == GSS_C_NO_NAME)
{
- if ((gss_service_name = getenv("CUPS_GSSSERVICENAME")) == NULL)
- gss_service_name = CUPS_DEFAULT_GSSSERVICENAME;
- else
- DEBUG_puts("2_cupsSetNegotiateAuthString: GSS service name set via "
- "environment variable");
+ if (!cg->gss_service_name[0])
+ _cupsSetDefaults();
- http->gssname = cups_get_gssname(http, gss_service_name);
+ http->gssname = cups_get_gssname(http, cg->gss_service_name);
}
if (http->gssctx != GSS_C_NO_CONTEXT)
major_status = gss_init_sec_context(&minor_status, GSS_C_NO_CREDENTIAL,
&http->gssctx,
http->gssname, http->gssmech,
-#ifdef GSS_C_DELEG_POLICY_FLAG
- GSS_C_DELEG_POLICY_FLAG |
-#endif /* GSS_C_DELEG_POLICY_FLAG */
GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG,
GSS_C_INDEFINITE,
GSS_C_NO_CHANNEL_BINDINGS,
DEBUG_printf(("9cups_local_auth: Unable to open file %s: %s",
filename, strerror(errno)));
-#ifdef HAVE_GSSAPI
+# ifdef HAVE_GSSAPI
if (!strncmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Negotiate", 9))
{
/*
return (1);
}
-#endif /* HAVE_GSSAPI */
+# endif /* HAVE_GSSAPI */
+# ifdef HAVE_AUTHORIZATION_H
+ if (httpGetSubField2(http, HTTP_FIELD_WWW_AUTHENTICATE, "authkey",
+ auth_key, sizeof(auth_key)))
+ {
+ /*
+ * Don't use the root certificate as a replacement for an authkey...
+ */
+
+ return (1);
+ }
+# endif /* HAVE_AUTHORIZATION_H */
if (!httpGetSubField2(http, HTTP_FIELD_WWW_AUTHENTICATE, "trc", trc,
sizeof(trc)))
{