static void
zeroAndReleasePassword(gss_buffer_t password)
{
+ GSSEAP_ASSERT(password != GSS_C_NO_BUFFER);
+
if (password->value != NULL) {
memset(password->value, 0, password->length);
GSSEAP_FREE(password->value);
gss_release_buffer(&tmpMinor, &cred->radiusConfigFile);
gss_release_buffer(&tmpMinor, &cred->radiusConfigStanza);
gss_release_buffer(&tmpMinor, &cred->caCertificate);
+ gss_release_buffer(&tmpMinor, &cred->caCertificateBlob);
gss_release_buffer(&tmpMinor, &cred->subjectNameConstraint);
gss_release_buffer(&tmpMinor, &cred->subjectAltNameConstraint);
gss_release_buffer(&tmpMinor, &cred->clientCertificate);
gss_OID
gssEapPrimaryMechForCred(gss_cred_id_t cred)
{
- gss_OID nameMech = GSS_C_NO_OID;
+ gss_OID credMech = GSS_C_NO_OID;
- if (cred->mechanisms != GSS_C_NO_OID_SET &&
+ if (cred != GSS_C_NO_CREDENTIAL &&
+ cred->mechanisms != GSS_C_NO_OID_SET &&
cred->mechanisms->count == 1)
- nameMech = &cred->mechanisms->elements[0];
+ credMech = &cred->mechanisms->elements[0];
- return nameMech;
+ return credMech;
}
OM_uint32
if (GSS_ERROR(major))
gssEapReleaseCred(&tmpMinor, &cred);
+ gssEapTraceStatus("gss_acquire_cred", major, *minor);
return major;
}
duplicateBufferOrCleanup(&src->radiusConfigStanza, &dst->radiusConfigStanza);
if (src->caCertificate.value != NULL)
duplicateBufferOrCleanup(&src->caCertificate, &dst->caCertificate);
+ if (src->caCertificateBlob.value != NULL)
+ duplicateBufferOrCleanup(&src->caCertificateBlob, &dst->caCertificateBlob);
if (src->subjectNameConstraint.value != NULL)
duplicateBufferOrCleanup(&src->subjectNameConstraint, &dst->subjectNameConstraint);
if (src->subjectAltNameConstraint.value != NULL)
isDefaultIdentity = TRUE;
} else {
major = gssEapCompareName(minor, cred->name,
- defaultIdentityName, &isDefaultIdentity);
+ defaultIdentityName, 0,
+ &isDefaultIdentity);
if (GSS_ERROR(major))
goto cleanup;
}