Mercurial > dovecot > original-hg > dovecot-1.2
changeset 8093:9ca5e8f66d10 HEAD
Added support for gssapi_hostname=$ALL for multihomed hosts.
Patch by Jason Gunthorpe.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Wed, 13 Aug 2008 14:59:10 -0400 |
| parents | 29b623366e1e |
| children | 641d761219a6 |
| files | dovecot-example.conf src/auth/mech-gssapi.c |
| diffstat | 2 files changed, 8 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/dovecot-example.conf Wed Aug 13 14:36:11 2008 -0400 +++ b/dovecot-example.conf Wed Aug 13 14:59:10 2008 -0400 @@ -779,7 +779,7 @@ #auth_worker_max_request_count = 0 # Host name to use in GSSAPI principal names. The default is to use the -# name returned by gethostname(). +# name returned by gethostname(). Use "$ALL" to allow all keytab entries. #auth_gssapi_hostname = # Kerberos keytab to use for the GSSAPI mechanism. Will use the system
--- a/src/auth/mech-gssapi.c Wed Aug 13 14:36:11 2008 -0400 +++ b/src/auth/mech-gssapi.c Wed Aug 13 14:59:10 2008 -0400 @@ -139,6 +139,13 @@ gss_name_t gss_principal; const char *service_name; + if (strcmp(request->auth->gssapi_hostname, "$ALL") == 0) { + auth_request_log_info(request, "gssapi", + "Using all keytab entries"); + *ret = GSS_C_NO_CREDENTIAL; + return GSS_S_COMPLETE; + } + if (strcasecmp(request->service, "POP3") == 0) { /* The standard POP3 service name with GSSAPI is called just "pop". */