X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=moonshot%2Fmech_eap%2Futil_krb.c;h=8775c8334fa5ecee8f71a880de52e09efb4455ed;hb=57ca7c37e90acbcd8da6d215dc4f3c0edd7a88e5;hp=88ad6dd202a0556270158eb8c6e584e3d5d5e09c;hpb=db09fc23e4dc013ecd797c51f2a8179cb0dfe670;p=moonshot.git diff --git a/moonshot/mech_eap/util_krb.c b/moonshot/mech_eap/util_krb.c index 88ad6dd..8775c83 100644 --- a/moonshot/mech_eap/util_krb.c +++ b/moonshot/mech_eap/util_krb.c @@ -36,24 +36,13 @@ #include "gssapiP_eap.h" -static GSSEAP_THREAD_ONCE krbContextKeyOnce = GSSEAP_ONCE_INITIALIZER; -static GSSEAP_THREAD_KEY krbContextKey; - -static void -destroyKrbContext(void *arg) +void +gssEapDestroyKrbContext(krb5_context context) { - krb5_context context = (krb5_context)arg; - if (context != NULL) krb5_free_context(context); } -static void -createKrbContextKey(void) -{ - GSSEAP_KEY_CREATE(&krbContextKey, destroyKrbContext); -} - static krb5_error_code initKrbContext(krb5_context *pKrbContext) { @@ -79,35 +68,37 @@ initKrbContext(krb5_context *pKrbContext) *pKrbContext = krbContext; cleanup: + krb5_free_default_realm(krbContext, defaultRealm); + if (code != 0 && krbContext != NULL) krb5_free_context(krbContext); - if (defaultRealm != NULL) - GSSEAP_FREE(defaultRealm); - return code; } OM_uint32 gssEapKerberosInit(OM_uint32 *minor, krb5_context *context) { - *minor = 0; + struct gss_eap_thread_local_data *tld; - GSSEAP_ONCE(&krbContextKeyOnce, createKrbContextKey); - - *context = GSSEAP_GETSPECIFIC(krbContextKey); - if (*context == NULL) { - *minor = initKrbContext(context); - if (*minor == 0) { - if (GSSEAP_SETSPECIFIC(krbContextKey, *context) != 0) { - *minor = errno; - krb5_free_context(*context); - *context = NULL; - } + *minor = 0; + *context = NULL; + + tld = gssEapGetThreadLocalData(); + if (tld != NULL) { + if (tld->krbContext == NULL) { + *minor = initKrbContext(&tld->krbContext); + if (*minor != 0) + tld->krbContext = NULL; } + *context = tld->krbContext; + } else { + *minor = GSSEAP_GET_LAST_ERROR(); } - return *minor == 0 ? GSS_S_COMPLETE : GSS_S_FAILURE; + GSSEAP_ASSERT(*context != NULL || *minor != 0); + + return (*minor == 0) ? GSS_S_COMPLETE : GSS_S_FAILURE; } /* @@ -137,7 +128,7 @@ gssEapDeriveRfc3961Key(OM_uint32 *minor, unsigned char constant[4 + sizeof("rfc4121-gss-eap") - 1], *p; ssize_t i, remain; - assert(encryptionType != ENCTYPE_NULL); + GSSEAP_ASSERT(encryptionType != ENCTYPE_NULL); memset(pKey, 0, sizeof(*pKey)); @@ -293,7 +284,7 @@ rfc3961ChecksumTypeForKey(OM_uint32 *minor, #endif /* HAVE_KRB5INT_C_MANDATORY_CKSUMTYPE */ if (!krb5_c_is_keyed_cksum(*cksumtype)) { - *minor = KRB5KRB_AP_ERR_INAPP_CKSUM; + *minor = (OM_uint32)KRB5KRB_AP_ERR_INAPP_CKSUM; return GSS_S_FAILURE; } @@ -476,7 +467,7 @@ krbMakeAuthDataKdcIssued(krb5_context context, if (code != 0) goto cleanup; - GSSEAP_FREE(buf); + free(buf); /* match ASN1_MALLOC_ENCODE */ buf = NULL; ASN1_MALLOC_ENCODE(AD_KDCIssued, buf, buf_size, &kdcIssued, &len, code); @@ -493,7 +484,7 @@ krbMakeAuthDataKdcIssued(krb5_context context, cleanup: if (buf != NULL) - GSSEAP_FREE(buf); + free(buf); /* match ASN1_MALLOC_ENCODE */ if (crypto != NULL) krb5_crypto_destroy(context, crypto); free_Checksum(&kdcIssued.ad_checksum);