X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;ds=sidebyside;f=mech_eap%2Futil_cred.c;h=707e02934fba98c9b0cf61155aac9603d0c76657;hb=HEAD;hp=487aa4738e78570d300a95876f86d85ec4d8b394;hpb=26311844916784cc0781b1a304b590dff5742fcb;p=mech_eap.git

diff --git a/mech_eap/util_cred.c b/mech_eap/util_cred.c
index 487aa47..707e029 100644
--- a/mech_eap/util_cred.c
+++ b/mech_eap/util_cred.c
@@ -72,6 +72,8 @@ gssEapAllocCred(OM_uint32 *minor, gss_cred_id_t *pCred)
 static void
 zeroAndReleasePassword(gss_buffer_t password)
 {
+    GSSEAP_ASSERT(password != GSS_C_NO_BUFFER);
+
     if (password->value != NULL) {
         memset(password->value, 0, password->length);
         GSSEAP_FREE(password->value);
@@ -102,6 +104,7 @@ gssEapReleaseCred(OM_uint32 *minor, gss_cred_id_t *pCred)
     gss_release_buffer(&tmpMinor, &cred->radiusConfigFile);
     gss_release_buffer(&tmpMinor, &cred->radiusConfigStanza);
     gss_release_buffer(&tmpMinor, &cred->caCertificate);
+    gss_release_buffer(&tmpMinor, &cred->caCertificateBlob);
     gss_release_buffer(&tmpMinor, &cred->subjectNameConstraint);
     gss_release_buffer(&tmpMinor, &cred->subjectAltNameConstraint);
     gss_release_buffer(&tmpMinor, &cred->clientCertificate);
@@ -255,7 +258,7 @@ gssEapPrimaryMechForCred(gss_cred_id_t cred)
 
 OM_uint32
 gssEapAcquireCred(OM_uint32 *minor,
-                  const gss_name_t desiredName,
+                  gss_const_name_t desiredName,
                   OM_uint32 timeReq GSSEAP_UNUSED,
                   const gss_OID_set desiredMechs,
                   int credUsage,
@@ -299,15 +302,15 @@ gssEapAcquireCred(OM_uint32 *minor,
         goto cleanup;
 
     if (desiredName != GSS_C_NO_NAME) {
-        GSSEAP_MUTEX_LOCK(&desiredName->mutex);
+        GSSEAP_MUTEX_LOCK(&((gss_name_t)desiredName)->mutex);
 
         major = gssEapDuplicateName(minor, desiredName, &cred->name);
         if (GSS_ERROR(major)) {
-            GSSEAP_MUTEX_UNLOCK(&desiredName->mutex);
+            GSSEAP_MUTEX_UNLOCK(&((gss_name_t)desiredName)->mutex);
             goto cleanup;
         }
 
-        GSSEAP_MUTEX_UNLOCK(&desiredName->mutex);
+        GSSEAP_MUTEX_UNLOCK(&((gss_name_t)desiredName)->mutex);
     }
 
 #ifdef GSSEAP_ENABLE_ACCEPTOR
@@ -340,6 +343,8 @@ cleanup:
     if (GSS_ERROR(major))
         gssEapReleaseCred(&tmpMinor, &cred);
 
+    gssEapTraceStatus("gss_acquire_cred", major, *minor);
+
     return major;
 }
 
@@ -348,7 +353,7 @@ cleanup:
  * lock because mechanisms list is immutable.
  */
 int
-gssEapCredAvailable(gss_cred_id_t cred, gss_OID mech)
+gssEapCredAvailable(gss_const_cred_id_t cred, gss_OID mech)
 {
     OM_uint32 minor;
     int present = 0;
@@ -603,7 +608,7 @@ cleanup:
 OM_uint32
 gssEapSetCredService(OM_uint32 *minor,
                      gss_cred_id_t cred,
-                     const gss_name_t target)
+                     gss_const_name_t target)
 {
     OM_uint32 major, tmpMinor;
     gss_name_t newTarget = GSS_C_NO_NAME;
@@ -680,6 +685,8 @@ gssEapDuplicateCred(OM_uint32 *minor,
         duplicateBufferOrCleanup(&src->radiusConfigStanza, &dst->radiusConfigStanza);
     if (src->caCertificate.value != NULL)
         duplicateBufferOrCleanup(&src->caCertificate, &dst->caCertificate);
+    if (src->caCertificateBlob.value != NULL)
+        duplicateBufferOrCleanup(&src->caCertificateBlob, &dst->caCertificateBlob);
     if (src->subjectNameConstraint.value != NULL)
         duplicateBufferOrCleanup(&src->subjectNameConstraint, &dst->subjectNameConstraint);
     if (src->subjectAltNameConstraint.value != NULL)
@@ -761,7 +768,7 @@ cleanup:
 OM_uint32
 gssEapResolveInitiatorCred(OM_uint32 *minor,
                            const gss_cred_id_t cred,
-                           const gss_name_t targetName
+                           gss_const_name_t targetName
 #ifndef HAVE_MOONSHOT_GET_IDENTITY
                                                        GSSEAP_UNUSED
 #endif