Switch from using a specific error message context in the TLS to have

a whole krb5_context in TLS. This have some interestion side-effekts
for the configruration setting options since they operate on
per-thread basis now.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19031 ec53bebd-3082-4978-b11e-865c3cabbd6b

lib/gssapi/krb5/set_sec_context_option.c

@@ -58,9 +58,10 @@ _gsskrb5_set_sec_context_option
             const gss_OID desired_object,
             const gss_buffer_t value)
 {
+    krb5_context context;
     OM_uint32 maj_stat;
 
-    GSSAPI_KRB5_INIT ();
+    GSSAPI_KRB5_INIT (&context);
 
     if (value == GSS_C_NO_BUFFER) {
 	*minor_status = EINVAL;
@@ -96,7 +97,7 @@ _gsskrb5_set_sec_context_option
 	if (maj_stat != GSS_S_COMPLETE)
 	    return maj_stat;
 
-	krb5_set_dns_canonicalize_hostname(_gsskrb5_context, flag);
+	krb5_set_dns_canonicalize_hostname(context, flag);
 	return GSS_S_COMPLETE;
 
     } else if (gss_oid_equal(desired_object, GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X)) {
@@ -135,7 +136,7 @@ _gsskrb5_set_sec_context_option
 	memcpy(str, value->value, value->length);
 	str[value->length] = '\0';
 
-	krb5_set_default_realm(_gsskrb5_context, str);
+	krb5_set_default_realm(context, str);
 	free(str);
 
 	*minor_status = 0;
@@ -144,7 +145,7 @@ _gsskrb5_set_sec_context_option
     } else if (gss_oid_equal(desired_object, GSS_KRB5_SEND_TO_KDC_X)) {
 
 	if (value == NULL || value->length == 0) {
-	    krb5_set_send_to_kdc_func(_gsskrb5_context, NULL, NULL);
+	    krb5_set_send_to_kdc_func(context, NULL, NULL);
 	} else {
 	    struct gsskrb5_send_to_kdc c;
 
@@ -153,7 +154,7 @@ _gsskrb5_set_sec_context_option
 		return GSS_S_FAILURE;
 	    }
 	    memcpy(&c, value->value, sizeof(c));
-	    krb5_set_send_to_kdc_func(_gsskrb5_context,
+	    krb5_set_send_to_kdc_func(context,
 				      (krb5_send_to_kdc_func)c.func, 
 				      c.ptr);
 	}