Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: ghudson@mit.edu
Subject: SVN Commit
X-RT-Original-Encoding: iso-8859-1
Content-Length: 948


The initial implementation of client-side S4U2Proxy support did not
allow delegated proxy credentials to be stored (gss_store_cred would
error out, and gss_krb5_copy_ccache would generate a non-working
cache).  To make this work, we save the impersonator name in a cache
config variable and in a cred structure field (replacing the
proxy_cred flag), and make the default principal of the proxy cache
the subject principal as the caller would expect for a regular
delegated cred.

https://github.com/krb5/krb5/commit/38de4804776a1a1a255b89b104b983fa1f10a664
Commit By: ghudson
Revision: 25529
Changed Files:
U   trunk/src/include/k5-int.h
U   trunk/src/lib/gssapi/krb5/acquire_cred.c
U   trunk/src/lib/gssapi/krb5/gssapiP_krb5.h
U   trunk/src/lib/gssapi/krb5/init_sec_context.c
U   trunk/src/lib/gssapi/krb5/rel_cred.c
U   trunk/src/lib/gssapi/krb5/s4u_gss_glue.c
U   trunk/src/lib/gssapi/krb5/store_cred.c
U   trunk/src/lib/gssapi/krb5/val_cred.c