projects
/
moonshot.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'master' into tlv-mic
[moonshot.git]
/
mech_eap
/
accept_sec_context.c
diff --git
a/mech_eap/accept_sec_context.c
b/mech_eap/accept_sec_context.c
index
b6e516d
..
16e60fb
100644
(file)
--- a/
mech_eap/accept_sec_context.c
+++ b/
mech_eap/accept_sec_context.c
@@
-72,7
+72,7
@@
acceptReadyEap(OM_uint32 *minor, gss_ctx_id_t ctx, gss_cred_id_t cred)
major = gssEapRadiusGetRawAvp(minor, ctx->acceptorCtx.vps,
PW_USER_NAME, 0, &vp);
major = gssEapRadiusGetRawAvp(minor, ctx->acceptorCtx.vps,
PW_USER_NAME, 0, &vp);
- if (major == GSS_S_COMPLETE) {
+ if (major == GSS_S_COMPLETE
&& vp->length
) {
nameBuf.length = vp->length;
nameBuf.value = vp->vp_strvalue;
} else {
nameBuf.length = vp->length;
nameBuf.value = vp->vp_strvalue;
} else {
@@
-121,6
+121,11
@@
acceptReadyEap(OM_uint32 *minor, gss_ctx_id_t ctx, gss_cred_id_t cred)
if (GSS_ERROR(major))
return major;
if (GSS_ERROR(major))
return major;
+ if (ctx->expiryTime < time(NULL)) {
+ *minor = GSSEAP_CRED_EXPIRED;
+ return GSS_S_CREDENTIALS_EXPIRED;
+ }
+
*minor = 0;
return GSS_S_COMPLETE;
}
*minor = 0;
return GSS_S_COMPLETE;
}
@@
-464,7
+469,7
@@
createRadiusHandle(OM_uint32 *minor,
assert(actx->radContext == NULL);
assert(actx->radConn == NULL);
assert(actx->radContext == NULL);
assert(actx->radConn == NULL);
- if (rs_context_create(&actx->radContext
, RS_DICT_FILE
) != 0) {
+ if (rs_context_create(&actx->radContext) != 0) {
*minor = GSSEAP_RADSEC_CONTEXT_FAILURE;
return GSS_S_FAILURE;
}
*minor = GSSEAP_RADSEC_CONTEXT_FAILURE;
return GSS_S_FAILURE;
}
@@
-486,6
+491,11
@@
createRadiusHandle(OM_uint32 *minor,
goto fail;
}
goto fail;
}
+ if (rs_context_init_freeradius_dict(actx->radContext, NULL) != 0) {
+ err = rs_err_ctx_pop(actx->radContext);
+ goto fail;
+ }
+
if (rs_conn_create(actx->radContext, &actx->radConn, configStanza) != 0) {
err = rs_err_conn_pop(actx->radConn);
goto fail;
if (rs_conn_create(actx->radContext, &actx->radConn, configStanza) != 0) {
err = rs_err_conn_pop(actx->radConn);
goto fail;