X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=mech_eap%2Finit_sec_context.c;h=8a877fdbcb8c246e07d9c626675543304bd3be71;hb=49c65b803b43e159e38f6a16505bad54de153916;hp=e5bc107b3974bfee394003b6662d9d2777f340d4;hpb=4609bebeb14712d07fd7d4a08726bb3f49781192;p=mech_eap.orig

diff --git a/mech_eap/init_sec_context.c b/mech_eap/init_sec_context.c
index e5bc107..8a877fd 100644
--- a/mech_eap/init_sec_context.c
+++ b/mech_eap/init_sec_context.c
@@ -123,7 +123,7 @@ peerGetInt(void *data, enum eapol_int_var variable)
     if (ctx == GSS_C_NO_CONTEXT)
         return FALSE;
 
-    assert(CTX_IS_INITIATOR(ctx));
+    GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx));
 
     switch (variable) {
     case EAPOL_idleWhile:
@@ -143,7 +143,7 @@ peerSetInt(void *data, enum eapol_int_var variable,
     if (ctx == GSS_C_NO_CONTEXT)
         return;
 
-    assert(CTX_IS_INITIATOR(ctx));
+    GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx));
 
     switch (variable) {
     case EAPOL_idleWhile:
@@ -211,7 +211,7 @@ peerConfigInit(OM_uint32 *minor, gss_ctx_id_t ctx)
     eapPeerConfig->password = NULL;
     eapPeerConfig->password_len = 0;
 
-    assert(cred != GSS_C_NO_CREDENTIAL);
+    GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
 
     GSSEAP_KRB_INIT(&krbContext);
 
@@ -220,7 +220,7 @@ peerConfigInit(OM_uint32 *minor, gss_ctx_id_t ctx)
     wpa_debug_level = 0;
 #endif
 
-    assert(cred->name != GSS_C_NO_NAME);
+    GSSEAP_ASSERT(cred->name != GSS_C_NO_NAME);
 
     if ((cred->name->flags & (NAME_FLAG_NAI | NAME_FLAG_SERVICE)) == 0) {
         *minor = GSSEAP_BAD_INITIATOR_NAME;
@@ -250,14 +250,22 @@ peerConfigInit(OM_uint32 *minor, gss_ctx_id_t ctx)
     eapPeerConfig->anonymous_identity_len = 1 + realm.length;
 
     /* password */
-    eapPeerConfig->password = (unsigned char *)cred->password.value;
-    eapPeerConfig->password_len = cred->password.length;
+    if ((cred->flags & CRED_FLAG_CERTIFICATE) == 0) {
+        eapPeerConfig->password = (unsigned char *)cred->password.value;
+        eapPeerConfig->password_len = cred->password.length;
+    }
 
     /* certs */
     eapPeerConfig->ca_cert = (unsigned char *)cred->caCertificate.value;
     eapPeerConfig->subject_match = (unsigned char *)cred->subjectNameConstraint.value;
     eapPeerConfig->altsubject_match = (unsigned char *)cred->subjectAltNameConstraint.value;
 
+    if (cred->flags & CRED_FLAG_CERTIFICATE) {
+        eapPeerConfig->client_cert = (unsigned char *)cred->clientCertificate.value;
+        eapPeerConfig->private_key = (unsigned char *)cred->privateKey.value;
+        eapPeerConfig->private_key_passwd = (unsigned char *)cred->password.value;
+    }
+
     *minor = 0;
     return GSS_S_COMPLETE;
 }
@@ -355,7 +363,7 @@ initBegin(OM_uint32 *minor,
     OM_uint32 major;
     gss_cred_id_t cred = ctx->cred;
 
-    assert(cred != GSS_C_NO_CREDENTIAL);
+    GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
 
     if (cred->expiryTime)
         ctx->expiryTime = cred->expiryTime;
@@ -433,7 +441,7 @@ eapGssSmInitError(OM_uint32 *minor,
         *minor = GSSEAP_BAD_ERROR_TOKEN;
     }
 
-    assert(GSS_ERROR(major));
+    GSSEAP_ASSERT(GSS_ERROR(major));
 
     return major;
 }
@@ -457,8 +465,10 @@ eapGssSmInitGssReauth(OM_uint32 *minor,
     gss_OID actualMech = GSS_C_NO_OID;
     OM_uint32 gssFlags, timeRec;
 
-    assert(cred != GSS_C_NO_CREDENTIAL);
-
+    /*
+     * Here we use the passed in credential handle because the resolved
+     * context credential does not currently have the reauth creds.
+     */
     if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIAL) {
         if (!gssEapCanReauthP(cred, target, timeReq))
             return GSS_S_CONTINUE_NEEDED;
@@ -470,6 +480,8 @@ eapGssSmInitGssReauth(OM_uint32 *minor,
         goto cleanup;
     }
 
+    GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
+
     major = gssEapMechToGlueName(minor, target, &mechTarget);
     if (GSS_ERROR(major))
         goto cleanup;
@@ -493,7 +505,7 @@ eapGssSmInitGssReauth(OM_uint32 *minor,
     ctx->gssFlags = gssFlags;
 
     if (major == GSS_S_COMPLETE) {
-        assert(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE);
+        GSSEAP_ASSERT(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE);
 
         major = gssEapReauthComplete(minor, ctx, cred, actualMech, timeRec);
         if (GSS_ERROR(major))
@@ -607,8 +619,8 @@ eapGssSmInitIdentity(OM_uint32 *minor,
 #endif
         *smFlags |= SM_FLAG_FORCE_SEND_TOKEN;
 
-    assert((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
-    assert(inputToken == GSS_C_NO_BUFFER);
+    GSSEAP_ASSERT((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
+    GSSEAP_ASSERT(inputToken == GSS_C_NO_BUFFER);
 
     memset(&eapConfig, 0, sizeof(eapConfig));
 
@@ -655,14 +667,14 @@ eapGssSmInitAuthenticate(OM_uint32 *minor,
 
     *minor = 0;
 
-    assert(inputToken != GSS_C_NO_BUFFER);
+    GSSEAP_ASSERT(inputToken != GSS_C_NO_BUFFER);
 
     major = peerConfigInit(minor, ctx);
     if (GSS_ERROR(major))
         goto cleanup;
 
-    assert(ctx->initiatorCtx.eap != NULL);
-    assert(ctx->flags & CTX_FLAG_EAP_PORT_ENABLED);
+    GSSEAP_ASSERT(ctx->initiatorCtx.eap != NULL);
+    GSSEAP_ASSERT(ctx->flags & CTX_FLAG_EAP_PORT_ENABLED);
 
     ctx->flags |= CTX_FLAG_EAP_REQ; /* we have a Request from the acceptor */
 
@@ -697,7 +709,7 @@ cleanup:
         OM_uint32 tmpMajor;
         gss_buffer_desc respBuf;
 
-        assert(major == GSS_S_CONTINUE_NEEDED);
+        GSSEAP_ASSERT(major == GSS_S_CONTINUE_NEEDED);
 
         respBuf.length = wpabuf_len(resp);
         respBuf.value = (void *)wpabuf_head(resp);
@@ -765,7 +777,7 @@ eapGssSmInitGssChannelBindings(OM_uint32 *minor,
     if (GSS_ERROR(major))
         return major;
 
-    assert(outputToken->value != NULL);
+    GSSEAP_ASSERT(outputToken->value != NULL);
 
     *minor = 0;
     *smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL;
@@ -961,6 +973,11 @@ gssEapInitSecContext(OM_uint32 *minor,
     OM_uint32 major, tmpMinor;
     int initialContextToken = (ctx->mechanismUsed == GSS_C_NO_OID);
 
+    /*
+     * XXX is acquiring the credential lock here necessary? The password is
+     * mutable but the contract could specify that this is not updated whilst
+     * a context is being initialized.
+     */
     if (cred != GSS_C_NO_CREDENTIAL)
         GSSEAP_MUTEX_LOCK(&cred->mutex);
 
@@ -969,13 +986,13 @@ gssEapInitSecContext(OM_uint32 *minor,
         if (GSS_ERROR(major))
             goto cleanup;
 
-        assert(ctx->cred != GSS_C_NO_CREDENTIAL);
+        GSSEAP_ASSERT(ctx->cred != GSS_C_NO_CREDENTIAL);
     }
 
     GSSEAP_MUTEX_LOCK(&ctx->cred->mutex);
 
-    assert(ctx->cred->flags & CRED_FLAG_RESOLVED);
-    assert(ctx->cred->flags & CRED_FLAG_INITIATE);
+    GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_RESOLVED);
+    GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_INITIATE);
 
     if (initialContextToken) {
         major = initBegin(minor, ctx, target_name, mech_type,
@@ -1014,7 +1031,7 @@ gssEapInitSecContext(OM_uint32 *minor,
     if (time_rec != NULL)
         gssEapContextTime(&tmpMinor, ctx, time_rec);
 
-    assert(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
+    GSSEAP_ASSERT(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
 
 cleanup:
     if (cred != GSS_C_NO_CREDENTIAL)
@@ -1048,8 +1065,6 @@ gss_init_sec_context(OM_uint32 *minor,
     output_token->length = 0;
     output_token->value = NULL;
 
-    assert(ctx == GSS_C_NO_CONTEXT || ctx->mechanismUsed != GSS_C_NO_OID);
-
     if (ctx == GSS_C_NO_CONTEXT) {
         if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) {
             *minor = GSSEAP_WRONG_SIZE;