* or implied warranty.
*/
+/*
+ * Message protection services: wrap with scatter-gather API.
+ */
+
#include "gssapiP_eap.h"
unsigned char
if (isAcceptor)
flags |= TOK_FLAG_SENDER_IS_ACCEPTOR;
- if ((ctx->flags & CTX_FLAG_KRB_REAUTH_GSS) &&
+ if ((ctx->flags & CTX_FLAG_KRB_REAUTH) &&
(ctx->gssFlags & GSS_C_MUTUAL_FLAG))
flags |= TOK_FLAG_ACCEPTOR_SUBKEY;
size_t dataLen, assocDataLen;
krb5_context krbContext;
- if (ctx->encryptionType == ENCTYPE_NULL)
+ if (ctx->encryptionType == ENCTYPE_NULL) {
+ *minor = GSSEAP_KEY_UNAVAILABLE;
return GSS_S_UNAVAILABLE;
+ }
GSSEAP_KRB_INIT(&krbContext);
header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
if (header == NULL) {
- *minor = EINVAL;
+ *minor = GSSEAP_MISSING_IOV;
return GSS_S_FAILURE;
}
if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
code = gssEapAllocIov(header, (size_t)gssHeaderLen);
} else if (header->buffer.length < gssHeaderLen)
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
if (code != 0)
goto cleanup;
outbuf = (unsigned char *)header->buffer.value;
if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
code = gssEapAllocIov(trailer, (size_t)gssTrailerLen);
else if (trailer->buffer.length < gssTrailerLen)
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
if (code != 0)
goto cleanup;
trailer->buffer.length = (size_t)gssTrailerLen;
if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
code = gssEapAllocIov(header, (size_t)gssHeaderLen);
else if (header->buffer.length < gssHeaderLen)
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
if (code != 0)
goto cleanup;
outbuf = (unsigned char *)header->buffer.value;
if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
code = gssEapAllocIov(trailer, (size_t)gssTrailerLen);
else if (trailer->buffer.length < gssTrailerLen)
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
if (code != 0)
goto cleanup;
trailer->buffer.length = (size_t)gssTrailerLen;
}
code = 0;
+ if (conf_state != NULL)
+ *conf_state = conf_req_flag;
cleanup:
if (code != 0)
if (ctx == GSS_C_NO_CONTEXT) {
*minor = EINVAL;
- return GSS_S_NO_CONTEXT;
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT;
+ }
+
+ if (qop_req != GSS_C_QOP_DEFAULT) {
+ *minor = GSSEAP_UNKNOWN_QOP;
+ return GSS_S_UNAVAILABLE;
}
*minor = 0;
if (!CTX_IS_ESTABLISHED(ctx)) {
major = GSS_S_NO_CONTEXT;
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
goto cleanup;
}