#include "gssapiP_eap.h"
/*
- * 1.3.6.1.4.1.5322(padl)
- * gssEap(22)
+ * Mechanism and name types are taken from 1.3.6.1.5.5(mechanisms)
+ * assigned at http://www.iana.org/assignments/smi-numbers
+ *
+ * abfab(15)
* mechanisms(1)
- * eap-aes128-cts-hmac-sha1-96(17)
- * eap-aes256-cts-hmac-sha1-96(18)
- * nameTypes(2)
+ * gss-eap-v1(1)
+ * eap-aes128-cts-hmac-sha1-96(17)
+ * eap-aes256-cts-hmac-sha1-96(18)
+ * nametypes(2)
+ * GSS_EAP_NT_EAP_NAME(1)
+ *
+ * Implementation-internal OIDs are taken from 1.3.6.1.4.1.5322(padl)
+ * gssEap(22)
* apiExtensions(3)
* inquireSecContextByOid(1)
* inquireCredByOid(2)
* canonicalized exported names.
*/
static gss_OID_desc gssEapMechOids[] = {
- /* 1.3.6.1.4.1.5322.22.1 */
- { 9, "\x2B\x06\x01\x04\x01\xA9\x4A\x16\x01" },
- /* 1.3.6.1.4.1.5322.22.1.17 */
- { 10, "\x2B\x06\x01\x04\x01\xA9\x4A\x16\x01\x11" },
- /* 1.3.6.1.4.1.5322.22.1.18 */
- { 10, "\x2B\x06\x01\x04\x01\xA9\x4A\x16\x01\x12" }
+ /* 1.3.6.1.5.5.15.1.1 */
+ { 8, "\x2B\x06\x01\x05\x05\x0f\x01\x01" },
+ /* 1.3.6.1.5.5.15.1.1.17 */
+ { 9, "\x2B\x06\x01\x05\x05\x0f\x01\x01\x11" },
+ /* 1.3.6.1.5.5.15.1.1.18 */
+ { 9, "\x2B\x06\x01\x05\x05\x0f\x01\x01\x12" },
};
gss_OID GSS_EAP_MECHANISM = &gssEapMechOids[0];
gss_OID_set *mechs)
{
krb5_context krbContext;
- OM_uint32 major, tmpMinor;
+ OM_uint32 major;
krb5_enctype *etypes;
int i;
GSSEAP_KRB_INIT(&krbContext);
+#ifdef HAVE_HEIMDAL_VERSION
+ *minor = krb5_get_default_in_tkt_etypes(krbContext, KRB5_PDU_NONE, &etypes);
+#else
*minor = krb5_get_permitted_enctypes(krbContext, &etypes);
+#endif
if (*minor != 0) {
return GSS_S_FAILURE;
}
for (i = 0; etypes[i] != ENCTYPE_NULL; i++) {
gss_OID mechOid;
+#ifndef HAVE_HEIMDAL_VERSION
+ OM_uint32 tmpMinor;
+#endif
/* XXX currently we aren't equipped to encode these enctypes */
if (etypes[i] < 0 || etypes[i] > 127)
if (GSS_ERROR(major))
break;
+#ifndef HAVE_HEIMDAL_VERSION
gss_release_oid(&tmpMinor, &mechOid);
+#endif
}
GSSEAP_FREE(etypes);