projects / mech_eap.orig / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
remove SM_FLAG_STOP_EVAL, unused
[mech_eap.orig] / util_sm.c
diff --git a/util_sm.c b/util_sm.c
index ae687ba..3a3e1f5 100644 (file)
--- a/util_sm.c
+++ b/util_sm.c
@@ -81,6 +81,7 @@ gssEapStateToString(enum gss_eap_state state)
 void
 gssEapSmTransition(gss_ctx_id_t ctx, enum gss_eap_state state)
 {
+    assert(state >= GSSEAP_STATE_INITIAL);
     assert(state <= GSSEAP_STATE_ESTABLISHED);
 
     fprintf(stderr, "GSS-EAP: state transition %s->%s\n",
@@ -328,12 +329,10 @@ gssEapSmStep(OM_uint32 *minor,
                 innerOutputTokens->count++;
             }
             /*
-             * Break out if explicitly requested, or if we made a state transition
-             * and have some tokens to send.
+             * Break out if we made a state transition and have some tokens to send.
              */
-            if ((smFlags & SM_FLAG_STOP_EVAL) ||
-                ((smFlags & SM_FLAG_TRANSITED) &&
-                 ((smFlags & SM_FLAG_FORCE_SEND_TOKEN) || innerOutputTokens->count != 0))) {
+            if ((smFlags & SM_FLAG_TRANSITED) &&
+                 ((smFlags & SM_FLAG_FORCE_SEND_TOKEN) || innerOutputTokens->count != 0)) {
                 SM_ASSERT_VALID(ctx, major);
                 break;
             }
@@ -382,7 +381,7 @@ gssEapSmStep(OM_uint32 *minor,
     /* Format output token from inner tokens */
     if (innerOutputTokens->count != 0 ||            /* inner tokens to send */
         !CTX_IS_INITIATOR(ctx) ||                   /* any leg acceptor */
-        ctx->state != GSSEAP_STATE_ESTABLISHED) {   /* non-last leg initiator */
+        !CTX_IS_ESTABLISHED(ctx)) {                 /* non-last leg initiator */
         tmpMajor = gssEapEncodeInnerTokens(&tmpMinor, innerOutputTokens,
                                            outputTokenTypes, &unwrappedOutputToken);
         if (tmpMajor == GSS_S_COMPLETE) {
@@ -396,6 +395,9 @@ gssEapSmStep(OM_uint32 *minor,
         }
     }
 
+    /* If the context is established, empty tokens only to be emitted by initiator */
+    assert(!CTX_IS_ESTABLISHED(ctx) || ((outputToken->length == 0) == CTX_IS_INITIATOR(ctx)));
+
     SM_ASSERT_VALID(ctx, major);
 
 cleanup:
Moonshot GSS-API mechanism