Use krb5_c_make_checksum hack to determine checksum

[mech_eap.orig] / gssapiP_eap.h

diff --git a/gssapiP_eap.h b/gssapiP_eap.h
index 4e34b78..3a2dd80 100644 (file)
--- a/gssapiP_eap.h
+++ b/gssapiP_eap.h
@@ -95,8 +95,10 @@ struct gss_cred_id_struct {
 
 enum eap_gss_state {
     EAP_STATE_AUTHENTICATE = 0,
+#if 0
     EAP_STATE_KEY_TRANSPORT,
     EAP_STATE_SECURE_ASSOCIATION,
+#endif
     EAP_STATE_GSS_CHANNEL_BINDINGS,
     EAP_STATE_ESTABLISHED
 };
@@ -133,19 +135,20 @@ struct gss_ctx_id_struct {
     OM_uint32 flags;
     OM_uint32 gssFlags;
     gss_OID mechanismUsed;
+    krb5_cksumtype checksumType;
     krb5_enctype encryptionType;
     krb5_keyblock rfc3961Key;
     gss_name_t initiatorName;
     gss_name_t acceptorName;
     time_t expiryTime;
+    uint64_t sendSeq, recvSeq;
+    void *seqState;
     union {
         struct eap_gss_initiator_ctx initiator;
         #define initiatorCtx         ctxU.initiator
         struct eap_gss_acceptor_ctx  acceptor;
         #define acceptorCtx          ctxU.acceptor
     } ctxU;
-    uint64_t sendSeq, recvSeq;
-    void *seqState;
 };
 
 #define TOK_FLAG_SENDER_IS_ACCEPTOR         0x01
@@ -156,6 +159,7 @@ struct gss_ctx_id_struct {
 #define KEY_USAGE_ACCEPTOR_SIGN             23
 #define KEY_USAGE_INITIATOR_SEAL            24
 #define KEY_USAGE_INITIATOR_SIGN            25
+#define KEY_USAGE_CHANNEL_BINDINGS          64
 
 /* wrap_iov.c */
 OM_uint32
@@ -176,5 +180,4 @@ gssEapUnwrapOrVerifyMIC(OM_uint32 *minor_status,
                         int iov_count,
                         enum gss_eap_token_type toktype);
 
-
 #endif /* _GSSAPIP_EAP_H_ */