gssapi: add NAMETYPE socket options

Problem: principals are looked up unconditionally with the GSS_C_NT_HOSTBASED_SERVICE name type. Solution: Add two new socket options to set the name type for ZMQ_GSSAPI_PRINCIPAL and ZMQ_GSSAPI_SERVICE_PRINCIPAL: ZMQ_GSSAPI_PRINCIPAL_NAMETYPE ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE They take an integer argument which must be one of ZMQ_GSSAPI_NT_HOSTBASED (0) - default ZMQ_GSSAPI_NT_USER_NAME (1) ZMQ_GSSAPI_NT_KRB5_PRINCIPAL (2) These correspond to GSSAPI name types of: GSS_C_NT_HOSTBASED_SERVICE GSS_C_NT_USER_NAME GSS_KRB5_NT_PRINCIPAL_NAME Fixes #2542
2025-10-29 12:18:04 +01:00 · 2017-04-20 16:28:30 -07:00
parent 4783605b78
commit 0b185e8297
8 changed files with 62 additions and 6 deletions
--- a/src/options.cpp
+++ b/src/options.cpp
@@ -69,6 +69,8 @@ zmq::options_t::options_t () :
    tcp_keepalive_intvl (-1),
    mechanism (ZMQ_NULL),
    as_server (0),
+    gss_principal_nt (ZMQ_GSSAPI_NT_HOSTBASED),
+    gss_service_principal_nt (ZMQ_GSSAPI_NT_HOSTBASED),
    gss_plaintext (false),
    socket_id (0),
    conflate (false),
@@ -509,6 +511,22 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
+        case ZMQ_GSSAPI_PRINCIPAL_NAMETYPE:
+            if (is_int && (value == ZMQ_GSSAPI_NT_HOSTBASED
+                        || value == ZMQ_GSSAPI_NT_USER_NAME
+                        || value == ZMQ_GSSAPI_NT_KRB5_PRINCIPAL)) {
+                gss_principal_nt = value;
+                return 0;
+            }
+            break;
+        case ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE:
+            if (is_int && (value == ZMQ_GSSAPI_NT_HOSTBASED
+                        || value == ZMQ_GSSAPI_NT_USER_NAME
+                        || value == ZMQ_GSSAPI_NT_KRB5_PRINCIPAL)) {
+                gss_service_principal_nt = value;
+                return 0;
+            }
+            break;
 #endif

        case ZMQ_HANDSHAKE_IVL: