/*
- * Copyright (c) 2010, JANET(UK)
+ * Copyright (c) 2011, JANET(UK)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* SUCH DAMAGE.
*/
+/*
+ * Map mechanism OID to a SASL mechanism name.
+ */
+
#include "gssapiP_eap.h"
OM_uint32
OM_uint32 major;
gss_buffer_t name;
krb5_enctype etype = ENCTYPE_NULL;
- char krbBuf[128] = "eap-";
-
- /* Don't advertise GSS EAP pseudo-mechanism */
- if (oidEqual(mech, GSS_EAP_MECHANISM))
- return GSS_S_UNAVAILABLE;
/* Dynamically construct mechanism name from Kerberos string enctype */
major = gssEapOidToEnctype(minor, mech, &etype);
if (GSS_ERROR(major))
return major;
- if (krb5_enctype_to_name(etype, 0, &krbBuf[4], sizeof(krbBuf) - 4) == 0) {
- major = makeStringBuffer(minor, krbBuf, mech_name);
+ if (mech_name != GSS_C_NO_BUFFER) {
+ krb5_context krbContext;
+
+ GSSEAP_KRB_INIT(&krbContext);
+
+ *minor = krbEnctypeToString(krbContext, etype, "eap-", mech_name);
+ if (*minor != 0)
+ return GSS_S_FAILURE;
+ }
+
+ if (mech_description != GSS_C_NO_BUFFER) {
+ major = makeStringBuffer(minor,
+ "Extensible Authentication Protocol GSS-API Mechanism",
+ mech_description);
if (GSS_ERROR(major))
return major;
}
- major = makeStringBuffer(minor,
- "Extensible Authentication Protocol GSS-API Mechanism",
- mech_description);
- if (GSS_ERROR(major))
- return major;
-
- name = gssEapOidToSaslName(mech);
- if (name == GSS_C_NO_BUFFER)
- major = GSS_S_BAD_MECH;
- else
- major = duplicateBuffer(minor, name, sasl_mech_name);
+ if (sasl_mech_name != GSS_C_NO_BUFFER) {
+ name = gssEapOidToSaslName(mech);
+ if (name == GSS_C_NO_BUFFER) {
+ major = GSS_S_BAD_MECH;
+ *minor = GSSEAP_WRONG_MECH;
+ } else {
+ major = duplicateBuffer(minor, name, sasl_mech_name);
+ }
+ }
return major;
}