major = load_uint32_be(&p[0]);
*minor = ERROR_TABLE_BASE_eapg + load_uint32_be(&p[4]);
- if (!GSS_ERROR(major)) {
+ if (!GSS_ERROR(major) || !IS_WIRE_ERROR(*minor)) {
major = GSS_S_FAILURE;
*minor = GSSEAP_BAD_ERROR_TOKEN;
}
gss_buffer_desc innerInputToken;
gss_buffer_desc innerOutputToken = GSS_C_EMPTY_BUFFER;
enum gss_eap_token_type tokType;
- gss_cred_id_t defaultCred = GSS_C_NO_CREDENTIAL;
int initialContextToken = 0;
*minor = 0;
GSSEAP_MUTEX_LOCK(&ctx->mutex);
if (cred == GSS_C_NO_CREDENTIAL) {
- if (ctx->initiatorCtx.defaultCred == GSS_C_NO_CREDENTIAL) {
+ if (ctx->defaultCred == GSS_C_NO_CREDENTIAL) {
major = gssEapAcquireCred(minor,
GSS_C_NO_NAME,
GSS_C_NO_BUFFER,
time_req,
GSS_C_NO_OID_SET,
GSS_C_INITIATE,
- &defaultCred,
+ &ctx->defaultCred,
NULL,
NULL);
if (GSS_ERROR(major))
goto cleanup;
}
- cred = ctx->initiatorCtx.defaultCred;
+ cred = ctx->defaultCred;
}
GSSEAP_MUTEX_LOCK(&cred->mutex);
sm = &eapGssInitiatorSm[ctx->state];
- if (input_token != GSS_C_NO_BUFFER) {
+ if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) {
major = gssEapVerifyToken(minor, ctx, input_token,
&tokType, &innerInputToken);
if (GSS_ERROR(major))