For initialContextToken, emit zero lengths inner token
authorLuke Howard <lukeh@padl.com>
Thu, 9 Sep 2010 22:55:43 +0000 (00:55 +0200)
committerLuke Howard <lukeh@padl.com>
Thu, 9 Sep 2010 22:55:43 +0000 (00:55 +0200)
mech_eap/TODO
mech_eap/accept_sec_context.c
mech_eap/init_sec_context.c
mech_eap/util_saml.c
mech_eap/util_saml.h

index 133c4c4..781c029 100644 (file)
@@ -1,4 +1,4 @@
-- SAML
-- encoders
-- OID encoders
-- gss_internal_release_oid
+- hook up SAML library
+- hook up RADIUS
+- export/import sec context
+- export/import composite (with attrs) name
index 3013ba5..3c1e98f 100644 (file)
@@ -267,7 +267,6 @@ eapGssSmAcceptAuthenticate(OM_uint32 *minor,
     int code;
     struct wpabuf respData;
     static struct eapol_callbacks cb = { serverGetEapUser, serverGetEapReqIdText };
-
     if (ctx->acceptorCtx.eap == NULL) {
         struct eap_config eapConfig;
 
index 6e406ae..83886a7 100644 (file)
@@ -334,7 +334,9 @@ eapGssSmInitAuthenticate(OM_uint32 *minor,
         if (GSS_ERROR(major))
             goto cleanup;
 
-        resp = eap_sm_buildIdentity(ctx->initiatorCtx.eap, 0, 1);
+        /* Use this to emit an empty token*/
+        wpabuf_set(&ctx->initiatorCtx.reqData, "", 0);
+        resp = &ctx->initiatorCtx.reqData;
         major = GSS_S_CONTINUE_NEEDED;
         goto cleanup;
     } else {
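Review bot: `resp` now points at `ctx->initiatorCtx.reqData`, a wpabuf embedded in the context, where it previously held the buffer returned by `eap_sm_buildIdentity()`. The `cleanup` label is outside this hunk, so please confirm that nothing there releases `resp` with `wpabuf_free()` on this path, and that `reqData` holds no earlier request data which this `wpabuf_set()` would silently drop. `wpabuf_set()` stores the pointer it is given rather than copying, so the literal `""` becomes the buffer's data and must never be written through. I would record the ownership in the comment, e.g. `/* Emit a zero-length inner token; resp borrows ctx->initiatorCtx.reqData and must not be freed */`.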
@@ -543,13 +545,13 @@ gss_init_sec_context(OM_uint32 *minor,
                                    &innerOutputToken);
         if (GSS_ERROR(major))
             goto cleanup;
-    } while (major == GSS_S_CONTINUE_NEEDED && innerOutputToken.length == 0);
+    } while (major == GSS_S_CONTINUE_NEEDED && innerOutputToken.value == NULL);
 
     if (actual_mech_type != NULL) {
         if (!gssEapInternalizeOid(ctx->mechanismUsed, actual_mech_type))
             duplicateOid(&tmpMinor, ctx->mechanismUsed, actual_mech_type);
     }
-    if (innerOutputToken.length != 0) {
+    if (innerOutputToken.value != NULL) {
         tmpMajor = gssEapMakeToken(&tmpMinor, ctx, &innerOutputToken,
                                    sm->outputTokenType, output_token);
         if (GSS_ERROR(tmpMajor)) {
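Review bot: Both tests now treat `innerOutputToken.value == NULL` as "no token", so the empty initial token is only sent if the state handler leaves `value` non-NULL for a zero-length buffer. The handler's copy of the response is not visible here; if it allocates `length` bytes, `malloc(0)` may legally return NULL, and the loop would then re-enter the state machine instead of emitting the token. The condition also depends on `innerOutputToken` being reset to an empty buffer before every iteration, and the top of the `do` loop is outside the hunk. A comment at the loop condition such as `/* value != NULL with length == 0 is a valid, empty token */` would make that contract explicit.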
index c09b30a..f668c8f 100644 (file)
@@ -50,6 +50,14 @@ samlFreeAssertion(OM_uint32 *minor,
 }
 
 OM_uint32
+samlImportAssertion(OM_uint32 *minor,
+                    gss_buffer_t buffer,
+                    struct eap_gss_saml_assertion *pAssertion)
+{
+    GSSEAP_NOT_IMPLEMENTED;
+}
+
+OM_uint32
 samlExportAssertion(OM_uint32 *minor,
                     struct eap_gss_saml_assertion *assertion,
                     gss_buffer_t buffer)
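Review bot: `samlImportAssertion()` takes `struct eap_gss_saml_assertion *pAssertion`, a single pointer, while `samlDuplicateAssertion()` in util_saml.h returns its result through `struct eap_gss_saml_assertion **out`. The same prototype is added in the util_saml.h hunk. If import is meant to allocate the assertion, as the `p` prefix suggests, the parameter should be `struct eap_gss_saml_assertion **pAssertion`, which is easiest to change while the body is still `GSSEAP_NOT_IMPLEMENTED`. Once implemented, `buffer` will presumably carry data supplied by the peer, so a header comment should state that its length and contents are untrusted and must be validated before use.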
index 1859f02..283ce60 100644 (file)
@@ -43,6 +43,11 @@ samlDuplicateAssertion(OM_uint32 *minor,
                        struct eap_gss_saml_assertion **out);
 
 OM_uint32
+samlImportAssertion(OM_uint32 *minor,
+                    gss_buffer_t buffer,
+                    struct eap_gss_saml_assertion *pAssertion);
+
+OM_uint32
 samlExportAssertion(OM_uint32 *minor,
                     struct eap_gss_saml_assertion *assertion,
                     gss_buffer_t buffer);