X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=mech_eap%2FgssapiP_eap.h;h=d1d6bce181d8fec7d1cde2e3da443a208b4e7e3d;hb=70aabaea618f8dc42336a8f27e6443b3f2655830;hp=b53e131c929bc684df081588f59c26b2db7836ea;hpb=e608e2bd1f90472bb932586d9b31eed821977b84;p=moonshot.git
diff --git a/mech_eap/gssapiP_eap.h b/mech_eap/gssapiP_eap.h
index b53e131..d1d6bce 100644
--- a/mech_eap/gssapiP_eap.h
+++ b/mech_eap/gssapiP_eap.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, JANET(UK)
+ * Copyright (c) 2011, JANET(UK)
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@@ -35,18 +35,25 @@
 #include "config.h"
+#ifdef HAVE_HEIMDAL_VERSION
+#define KRB5_DEPRECATED /* so we can use krb5_free_unparsed_name() */
+#endif
+
 #include
 #include
 #include
 #include
 #include
+#include
 #include
 #include
 /* GSS headers */
 #include
 #include
-#ifndef HAVE_HEIMDAL_VERSION
+#ifdef HAVE_HEIMDAL_VERSION
+typedef struct gss_any *gss_any_t;
+#else
 #include
 #endif
 #include "gssapi_eap.h"
@@ -59,6 +66,7 @@
 #include
 #include
 #include
+#include
 #include
 /* FreeRADIUS headers */
@@ -99,6 +107,7 @@ struct gss_name_struct
 {
 GSSEAP_MUTEX mutex; /* mutex protects attrCtx */
 OM_uint32 flags;
+ gss_OID mechanismUsed; /* this is immutable */
 krb5_principal krbPrincipal; /* this is immutable */
 struct gss_eap_attr_ctx *attrCtx;
 };
@@ -126,7 +135,7 @@ struct gss_cred_id_struct
 char *radiusConfigStanza;
 #ifdef GSSEAP_ENABLE_REAUTH
 krb5_ccache krbCredCache;
- gss_cred_id_t krbCred;
+ gss_cred_id_t reauthCred;
 #endif
 };
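Review bot: In the `@@ -35,18 +35,25 @@` hunk, defining `KRB5_DEPRECATED` as empty in this private header appears to switch off Heimdal's deprecation annotations for every file that includes it, not only for the one `krb5_free_unparsed_name()` call the comment names. That would hide later warnings about other retired krb5 calls anywhere in the mechanism. Consider moving the define into the single source file that needs it, or keeping the deprecated call behind one small helper. If it stays here, the comment should say that it must precede the krb5 include and that it affects all includers, e.g. `/* must precede krb5.h; silences ALL Heimdal deprecation warnings for includers */`.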
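Review bot: The new `gss_OID mechanismUsed` member in the `@@ -99,6 +107,7 @@` hunk is documented only as immutable, which leaves its ownership unstated: nothing visible says whether it points at a static mechanism OID or at an allocation the name must free when released. A mismatch between the code that sets it and the code that releases or duplicates the name would be either a leak or a free of static storage. I would extend the comment to something like `/* set once at creation, never freed: points to a static mech OID (confirm) */`. The mutex comment above says the lock covers `attrCtx` only, so the immutability claim is what makes unlocked reads of this field safe and should stay precise.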
@@ -135,18 +144,6 @@ struct gss_cred_id_struct
 #define CTX_IS_INITIATOR(ctx) (((ctx)->flags & CTX_FLAG_INITIATOR) != 0)
-enum gss_eap_state {
- GSSEAP_STATE_IDENTITY = 0, /* identify peer */
- GSSEAP_STATE_AUTHENTICATE, /* exchange EAP messages */
- GSSEAP_STATE_EXTENSIONS_REQ, /* initiator extensions */
- GSSEAP_STATE_EXTENSIONS_RESP, /* acceptor extensions */
- GSSEAP_STATE_ESTABLISHED, /* context established */
- GSSEAP_STATE_ERROR, /* context error */
-#ifdef GSSEAP_ENABLE_REAUTH
- GSSEAP_STATE_KRB_REAUTH /* fast reauthentication */
-#endif
-};
-
 #define CTX_IS_ESTABLISHED(ctx) ((ctx)->state == GSSEAP_STATE_ESTABLISHED)
 /* Initiator context flags */
@@ -162,13 +159,10 @@ enum gss_eap_state {
 #define CTX_FLAG_EAP_MASK 0xFFFF0000
 struct gss_eap_initiator_ctx {
- gss_cred_id_t defaultCred;
 unsigned int idleWhile;
-#ifndef __cplusplus
 struct eap_peer_config eapPeerConfig;
 struct eap_sm *eap;
 struct wpabuf reqData;
-#endif
 };
 struct gss_eap_acceptor_ctx {
@@ -198,14 +192,15 @@ struct gss_ctx_id_struct
 time_t expiryTime;
 uint64_t sendSeq, recvSeq;
 void *seqState;
+ gss_cred_id_t defaultCred;
 union {
 struct gss_eap_initiator_ctx initiator;
 #define initiatorCtx ctxU.initiator
 struct gss_eap_acceptor_ctx acceptor;
 #define acceptorCtx ctxU.acceptor
 #ifdef GSSEAP_ENABLE_REAUTH
- gss_ctx_id_t kerberos;
- #define kerberosCtx ctxU.kerberos
+ gss_ctx_id_t reauth;
+ #define reauthCtx ctxU.reauth
 #endif
 } ctxU;
 };
@@ -265,6 +260,13 @@ gssEapSaveStatusInfo(OM_uint32 minor, const char *format, ...);
 #define IS_WIRE_ERROR(err) ((err) > GSSEAP_RESERVED && \
 (err) <= GSSEAP_RADIUS_PROT_FAILURE)
+/* export_sec_context.c */
+OM_uint32
+gssEapExportSecContext(OM_uint32 *minor,
+ gss_ctx_id_t ctx,
+ gss_buffer_t token);
+
+
 #ifdef __cplusplus
 }
 #endif
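Review bot: In the `@@ -198,14 +192,15 @@` hunk the renamed `reauth` arm still shares storage with `initiator` and `acceptor` inside `ctxU`, and nothing in the struct says which arm is live at a given time. Code that reaches `reauthCtx` while the context holds EAP initiator or acceptor state, or the reverse, would read a `gss_ctx_id_t` out of unrelated bytes. A comment on the union such as `/* exactly one arm is valid, selected by ctx->state and ctx->flags */` would make that invariant reviewable. `defaultCred` now sits outside the union, so it also deserves a comment on whether the context owns it and releases it on deletion for both roles. The struct's opening lines are outside this hunk.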
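Review bot: The new `gssEapExportSecContext` prototype in the `@@ -265,6 +260,13 @@` hunk has no contract comment, and an exported security-context token normally carries session key material. I would add a short header comment stating whether the caller must already hold the context lock, that `token` is filled by the callee and released by the caller, and that the buffer is secret and should be cleared before release. The definition lives in another file, so these points are inferred from the signature and need checking against it.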