gss: allow partial accept context export in SPNEGO
Support for exporting partially established acceptor context tokens. With this, an acceptor can send the initiator an encrypted state cookie containing the exported context token. (The concrete mechanism, of course, must either require a single round trip or support partial context export itself. Kerberos and GSS EAP would work, but Kerberos with GSS_C_DCE_STYLE would not, as currently implemented.) Partial context export is not permitted for initiators.
This commit is contained in:
Luke Howard
@@ -171,6 +171,7 @@ mechsrc = \
|
||||
spnegosrc = \
|
||||
spnego/accept_sec_context.c \
|
||||
spnego/compat.c \
|
||||
spnego/context_storage.c \
|
||||
spnego/context_stubs.c \
|
||||
spnego/external.c \
|
||||
spnego/init_sec_context.c \
|
||||
|
||||
Reference in New Issue
Block a user