krbPrinc = ctx->acceptorName->krbPrincipal;
GSSEAP_ASSERT(krbPrinc != NULL);
- GSSEAP_ASSERT(KRB_PRINC_LENGTH(krbPrinc) >= 2);
+ GSSEAP_ASSERT(KRB_PRINC_LENGTH(krbPrinc) >= 1);
/* Acceptor-Service-Name */
krbPrincComponentToGssBuffer(krbPrinc, 0, &nameBuf);
return major;
/* Acceptor-Host-Name */
- krbPrincComponentToGssBuffer(krbPrinc, 1, &nameBuf);
-
- major = gssEapRadiusAddAvp(minor, req,
- PW_GSS_ACCEPTOR_HOST_NAME,
- 0,
- &nameBuf);
- if (GSS_ERROR(major))
- return major;
-
+ if (KRB_PRINC_LENGTH(krbPrinc) >= 2) {
+ krbPrincComponentToGssBuffer(krbPrinc, 1, &nameBuf);
+
+ major = gssEapRadiusAddAvp(minor, req,
+ PW_GSS_ACCEPTOR_HOST_NAME,
+ 0,
+ &nameBuf);
+ if (GSS_ERROR(major))
+ return major;
+ }
if (KRB_PRINC_LENGTH(krbPrinc) > 2) {
/* Acceptor-Service-Specific */
- krb5_principal_data ssiPrinc = *krbPrinc;
- char *ssi;
-
- KRB_PRINC_LENGTH(&ssiPrinc) -= 2;
- KRB_PRINC_NAME(&ssiPrinc) += 2;
-
- *minor = krb5_unparse_name_flags(krbContext, &ssiPrinc,
- KRB5_PRINCIPAL_UNPARSE_NO_REALM, &ssi);
+ *minor = krbPrincUnparseServiceSpecifics(krbContext,
+ krbPrinc, &nameBuf);
if (*minor != 0)
return GSS_S_FAILURE;
- nameBuf.value = ssi;
- nameBuf.length = strlen(ssi);
-
major = gssEapRadiusAddAvp(minor, req,
PW_GSS_ACCEPTOR_SERVICE_SPECIFICS,
0,
&nameBuf);
-
- if (GSS_ERROR(major)) {
- krb5_free_unparsed_name(krbContext, ssi);
+ krbFreeUnparsedName(krbContext, &nameBuf);
+ if (GSS_ERROR(major))
return major;
- }
- krb5_free_unparsed_name(krbContext, ssi);
}
krbPrincRealmToGssBuffer(krbPrinc, &nameBuf);
* credential handle.
*/
- /*
- * Calling gssEapInquireCred() forces the default acceptor credential name
- * to be resolved.
- */
- major = gssEapInquireCred(minor, cred, &ctx->acceptorName, NULL, NULL, NULL);
- if (GSS_ERROR(major))
- goto cleanup;
+ if (cred->name != GSS_C_NO_NAME) {
+ major = gssEapDuplicateName(minor, cred->name, &ctx->acceptorName);
+ if (GSS_ERROR(major))
+ goto cleanup;
+ }
major = gssEapSmStep(minor,
cred,