}
ctx->state = GSSEAP_STATE_INITIAL;
+ ctx->mechanismUsed = GSS_C_NO_OID;
/*
* Integrity, confidentiality, sequencing and replay detection are
gssEapReleaseName(&tmpMinor, &ctx->acceptorName);
gssEapReleaseOid(&tmpMinor, &ctx->mechanismUsed);
sequenceFree(&tmpMinor, &ctx->seqState);
- gssEapReleaseCred(&tmpMinor, &ctx->defaultCred);
+ gssEapReleaseCred(&tmpMinor, &ctx->cred);
GSSEAP_MUTEX_DESTROY(&ctx->mutex);
{
unsigned char *p;
+ assert(ctx->mechanismUsed != GSS_C_NO_OID);
+
outputToken->length = tokenSize(ctx->mechanismUsed, innerToken->length);
outputToken->value = GSSEAP_MALLOC(outputToken->length);
if (outputToken->value == NULL) {
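Review bot: The added `assert(ctx->mechanismUsed != GSS_C_NO_OID)` is compiled out under NDEBUG, so a release build still passes a null OID to `tokenSize()`, while a debug build aborts the host process on the same condition. Because this commit also sets `mechanismUsed` to `GSS_C_NO_OID` when the context is initialised, every new context starts in the state the assert is guarding against. A runtime check that fails closed in both build types would be safer, for example `if (ctx->mechanismUsed == GSS_C_NO_OID) return GSS_S_FAILURE;`, adjusted to the function's signature and minor-status convention, which are outside this hunk. The same concern applies on the verify path further down to `assert(tokenMIC->length >= 16)` and the changed `assert(i < 2 + (3 * tokens->buffers.count))`. If `tokenMIC` originates from the peer, a short MIC should be rejected with something like `major = GSS_S_DEFECTIVE_TOKEN; goto cleanup;` rather than asserted.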
int verifyMIC)
{
OM_uint32 major;
- gss_iov_buffer_desc *iov;
+ gss_iov_buffer_desc *iov = NULL;
size_t i = 0, j;
enum gss_eap_token_type tokType;
OM_uint32 micTokType;
unsigned char wireTokType[2];
- unsigned char *innerTokTypes;
+ unsigned char *innerTokTypes = NULL, *innerTokLengths = NULL;
const struct gss_eap_token_buffer_set *tokens;
tokens = verifyMIC ? ctx->inputTokens : ctx->outputTokens;
assert(tokens != NULL);
- iov = GSSEAP_CALLOC(2 + (2 * tokens->buffers.count) + 1, sizeof(*iov));
+ iov = GSSEAP_CALLOC(2 + (3 * tokens->buffers.count) + 1, sizeof(*iov));
if (iov == NULL) {
+ major = GSS_S_FAILURE;
*minor = ENOMEM;
- return GSS_S_FAILURE;
+ goto cleanup;
}
innerTokTypes = GSSEAP_MALLOC(4 * tokens->buffers.count);
if (innerTokTypes == NULL) {
- GSSEAP_FREE(iov);
*minor = ENOMEM;
- return GSS_S_FAILURE;
+ major = GSS_S_FAILURE;
+ goto cleanup;
+ }
+
+ innerTokLengths = GSSEAP_MALLOC(4 * tokens->buffers.count);
+ if (innerTokLengths == NULL) {
+ major = GSS_S_FAILURE;
+ *minor = ENOMEM;
+ goto cleanup;
}
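Review bot: All three buffer sizes are derived from `tokens->buffers.count` with no upper bound on it. `2 + (3 * tokens->buffers.count) + 1` and `4 * tokens->buffers.count` are evaluated before the allocator sees them, so a wrapped value would produce buffers smaller than the loop later indexes through `&innerTokLengths[j * 4]`. Whether the peer can influence the count is not visible in this hunk, so treat this as defence in depth. Assuming the count is a `size_t`, a guard before the first allocation such as `if (tokens->buffers.count > (SIZE_MAX - 3) / 4) { major = GSS_S_FAILURE; *minor = ENOMEM; goto cleanup; }` covers all three expressions. Separately, a zero count makes `GSSEAP_MALLOC(0)` implementation-defined if it maps to `malloc`: a NULL return would be reported here as ENOMEM.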
/* Mechanism OID */
i++;
iov[i].type = GSS_IOV_BUFFER_TYPE_DATA;
+ iov[i].buffer.length = 4;
+ iov[i].buffer.value = &innerTokLengths[j * 4];
+ store_uint32_be(tokens->buffers.elements[j].length,
+ iov[i].buffer.value);
+ i++;
+
+ iov[i].type = GSS_IOV_BUFFER_TYPE_DATA;
iov[i].buffer = tokens->buffers.elements[j];
i++;
}
if (verifyMIC) {
assert(tokenMIC->length >= 16);
- assert(i < 2 + (2 * tokens->buffers.count));
+ assert(i < 2 + (3 * tokens->buffers.count));
iov[i].type = GSS_IOV_BUFFER_TYPE_HEADER;
iov[i].buffer.length = 16;
*tokenMIC = iov[i - 1].buffer;
}
- gssEapReleaseIov(iov, tokens->buffers.count);
- GSSEAP_FREE(innerTokTypes);
+cleanup:
+ if (iov != NULL)
+ gssEapReleaseIov(iov, tokens->buffers.count);
+ if (innerTokTypes != NULL)
+ GSSEAP_FREE(innerTokTypes);
+ if (innerTokLengths != NULL)
+ GSSEAP_FREE(innerTokLengths);
return major;
}