On Fri, 2015-02-20 at 15:59 +0100, Nikos Mavrogiannopoulos wrote:
> --- a/openconnect-internal.h
> +++ b/openconnect-internal.h
> @@ -216,6 +216,19 @@ struct oc_text_buf {
> struct http_auth_state {
> int state;
> char *challenge;
> +#ifdef HAVE_GSSAPI
> + gss_name_t gss_target_name;
> + gss_ctx_id_t gss_context;
> +#endif
> +#ifdef _WIN32
> + CredHandle ntlm_sspi_cred;
> + CtxtHandle ntlm_sspi_ctx;
> + CredHandle sspi_cred[2];
> + CtxtHandle sspi_ctx[2];
> + SEC_WCHAR *sspi_target_name[2];
> +#else
> + int ntlm_helper_fd;
> +#endif
> };
I like this, but we certainly don't need *three* CredHandles and
CtxtHandles in each auth state. We probably want something like:
struct http_auth_state {
int state;
char *challenge;
#ifdef HAVE_GSSAPI
gss_name_t target_name;
gss_ctx_id_t context;
#endif
#ifdef _WIN32
CredHandle sspi_cred;
CtxtHandle sspi_ctx;
SEC_WCHAR *sspi_target_name[2];
#else
int ntlm_helper_fd;
#endif
};
We could even have the GSSAPI stuff and ntlm_helper_fd in a union, in
fact. They don't need to take up *separate* space.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150220/192e659a/attachment-0001.bin>
