/*
- * Copyright (c) 2010, JANET(UK)
+ * Copyright (c) 2011, JANET(UK)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* or implied warranty.
*/
-#include "gssapiP_eap.h"
+/*
+ * PRF
+ */
-#ifndef MIN /* Usually found in <sys/param.h>. */
-#define MIN(_a,_b) ((_a)<(_b)?(_a):(_b))
-#endif
+#include "gssapiP_eap.h"
OM_uint32
gss_pseudo_random(OM_uint32 *minor,
size_t prflen;
krb5_data t, ns;
unsigned char *p;
+ krb5_context krbContext;
prf_out->length = 0;
prf_out->value = NULL;
- if (!CTX_IS_ESTABLISHED(ctx))
+ if (ctx == GSS_C_NO_CONTEXT) {
+ *minor = EINVAL;
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT;
+ }
+
+ *minor = 0;
+
+ GSSEAP_MUTEX_LOCK(&ctx->mutex);
+
+ if (!CTX_IS_ESTABLISHED(ctx)) {
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
return GSS_S_NO_CONTEXT;
+ }
+
+ GSSEAP_KRB_INIT(&krbContext);
t.length = 0;
t.data = NULL;
ns.length = 0;
ns.data = NULL;
- if (prf_key != GSS_C_PRF_KEY_FULL &&
+ if (prf_key != GSS_C_PRF_KEY_PARTIAL &&
prf_key != GSS_C_PRF_KEY_FULL) {
- code = EINVAL;
+ code = GSSEAP_BAD_PRF_KEY;
goto cleanup;
}
}
prf_out->length = desired_output_len;
- code = krb5_c_prf_length(ctx->kerberosCtx,
+ code = krb5_c_prf_length(krbContext,
ctx->encryptionType,
&prflen);
if (code != 0)
while (desired_output_len > 0) {
store_uint32_be(i, ns.data);
- code = krb5_c_prf(ctx->kerberosCtx, ctx->rfc3961Key, &ns, &t);
+ code = krb5_c_prf(krbContext, &ctx->rfc3961Key, &ns, &t);
if (code != 0)
goto cleanup;
}
cleanup:
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
+
if (code != 0)
gss_release_buffer(&tmpMinor, prf_out);
- krb5_free_data_contents(ctx->kerberosCtx, &ns);
- krb5_free_data_contents(ctx->kerberosCtx, &t);
+ krb5_free_data_contents(krbContext, &ns);
+ krb5_free_data_contents(krbContext, &t);
*minor = code;
+
return (code == 0) ? GSS_S_COMPLETE : GSS_S_FAILURE;
}
-