X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=export_sec_context.c;h=2ea2c5c669cd32e6d6cf5f7449c28130f5a78b4f;hb=refs%2Fheads%2Fjson-name;hp=54cc3b9b26a2bfe06691f095a534f47bf16b9cc1;hpb=d4ede516d9802f966b8810ce7518c0c878aed8cc;p=mech_eap.orig

diff --git a/export_sec_context.c b/export_sec_context.c
index 54cc3b9..2ea2c5c 100644
--- a/export_sec_context.c
+++ b/export_sec_context.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, JANET(UK)
+ * Copyright (c) 2011, JANET(UK)
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -30,6 +30,11 @@
  * SUCH DAMAGE.
  */
 
+/*
+ * Serialise a security context. On the acceptor, this may be partially
+ * established.
+ */
+
 #include "gssapiP_eap.h"
 
 static OM_uint32
@@ -43,8 +48,8 @@ gssEapExportPartialContext(OM_uint32 *minor,
     char serverBuf[MAXHOSTNAMELEN];
 
     if (ctx->acceptorCtx.radConn != NULL) {
-        if (rs_conn_get_current_server(ctx->acceptorCtx.radConn,
-                                       serverBuf, sizeof(serverBuf)) != 0) {
+        if (rs_conn_get_current_peer(ctx->acceptorCtx.radConn,
+                                     serverBuf, sizeof(serverBuf)) != 0) {
             return gssEapRadiusMapError(minor,
                                         rs_err_conn_pop(ctx->acceptorCtx.radConn));
         }
@@ -55,8 +60,8 @@ gssEapExportPartialContext(OM_uint32 *minor,
 
     token->value = GSSEAP_MALLOC(length);
     if (token->value == NULL) {
-        *minor = ENOMEM;
         major = GSS_S_FAILURE;
+        *minor = ENOMEM;
         goto cleanup;
     }
     token->length = length;
@@ -80,6 +85,9 @@ gssEapExportPartialContext(OM_uint32 *minor,
 
     assert(p == (unsigned char *)token->value + token->length);
 
+    major = GSS_S_COMPLETE;
+    *minor = 0;
+
 cleanup:
     if (GSS_ERROR(major))
         gss_release_buffer(&tmpMinor, token);
@@ -101,8 +109,10 @@ gssEapExportSecContext(OM_uint32 *minor,
     unsigned char *p;
 
     if ((CTX_IS_INITIATOR(ctx) && !CTX_IS_ESTABLISHED(ctx)) ||
-        ctx->mechanismUsed == GSS_C_NO_OID)
+        ctx->mechanismUsed == GSS_C_NO_OID) {
+        *minor = GSSEAP_CONTEXT_INCOMPLETE;
         return GSS_S_NO_CONTEXT;
+    }
 
     key.length = KRB_KEY_LENGTH(&ctx->rfc3961Key);
     key.value  = KRB_KEY_DATA(&ctx->rfc3961Key);
@@ -127,7 +137,7 @@ gssEapExportSecContext(OM_uint32 *minor,
      * contexts.
      */
     if (!CTX_IS_INITIATOR(ctx) && !CTX_IS_ESTABLISHED(ctx)) {
-        assert((ctx->flags & CTX_FLAG_KRB_REAUTH_GSS) == 0);
+        assert((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
 
         major = gssEapExportPartialContext(minor, ctx, &partialCtx);
         if (GSS_ERROR(major))
@@ -146,8 +156,8 @@ gssEapExportSecContext(OM_uint32 *minor,
 
     token->value = GSSEAP_MALLOC(length);
     if (token->value == NULL) {
-        *minor = ENOMEM;
         major = GSS_S_FAILURE;
+        *minor = ENOMEM;
         goto cleanup;
     }
     token->length = length;
@@ -155,7 +165,7 @@ gssEapExportSecContext(OM_uint32 *minor,
     p = (unsigned char *)token->value;
 
     store_uint32_be(EAP_EXPORT_CONTEXT_V1, &p[0]);        /* version */
-    store_uint32_be(ctx->state,            &p[4]);
+    store_uint32_be(GSSEAP_SM_STATE(ctx),  &p[4]);
     store_uint32_be(ctx->flags,            &p[8]);
     store_uint32_be(ctx->gssFlags,         &p[12]);
     p = store_oid(ctx->mechanismUsed,      &p[16]);
@@ -207,7 +217,7 @@ gss_export_sec_context(OM_uint32 *minor,
 
     if (ctx == GSS_C_NO_CONTEXT) {
         *minor = EINVAL;
-        return GSS_S_NO_CONTEXT;
+        return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT;
     }
 
     *minor = 0;