Branch: refs/heads/main
Home:
https://github.com/gssapi/gssproxy
Commit: daaa2334d02553d136e10bf5b3a1a1ddd23eefd4
https://github.com/gssapi/gssproxy/commit/daaa2334d02553d136e10bf5b3a1a1d...
Author: Scott Mayhew <smayhew(a)redhat.com>
Date: 2021-09-03 (Fri, 03 Sep 2021)
Changed paths:
M src/gp_config.c
Log Message:
-----------
Call gp_debug_toggle() sooner
Currently gp_debug_toggle() is called at the end of load_config(), and
as a result any GPDEBUG() calls that happen during config processing are
no-ops.
Signed-off-by: Scott Mayhew <smayhew(a)redhat.com>
Commit: c6847f012b326a7e27dbe79d8df0faafdeb2dbef
https://github.com/gssapi/gssproxy/commit/c6847f012b326a7e27dbe79d8df0faa...
Author: Scott Mayhew <smayhew(a)redhat.com>
Date: 2021-09-03 (Fri, 03 Sep 2021)
Changed paths:
M examples/99-nfs-client.conf.in
M man/gssproxy.conf.5.xml
M src/gp_config.c
M src/gp_creds.c
M src/gp_proxy.h
Log Message:
-----------
Add an option for minimum lifetime
It's possible for gssproxy to return a cached credential with a very
small remaining lifetime. This can be problematic for NFS clients since
it requires a round trip to the NFS server to establish a GSS context.
Add a min_lifetime option that represents the lowest value that the
lifetime of the cached credential can be. Any lower than that, and
gp_check_cred() returns GSS_S_CREDENTIALS_EXPIRED, so that
gp_add_krb5_creds() is forced to try to obtain a new credential.
Signed-off-by: Scott Mayhew <smayhew(a)redhat.com>
Compare:
https://github.com/gssapi/gssproxy/compare/00bcb2dd4fe2...c6847f012b32