From: Luke Howard Date: Wed, 8 Sep 2010 17:58:13 +0000 (+0200) Subject: process_context_token X-Git-Url: http://www.project-moonshot.org/gitweb/?p=cyrus-sasl.git;a=commitdiff_plain;h=939b99866cbadfd9d5d88f3a5394eb8090796192 process_context_token --- diff --git a/mech_eap/delete_sec_context.c b/mech_eap/delete_sec_context.c index b8d41a7..663c7fc 100644 --- a/mech_eap/delete_sec_context.c +++ b/mech_eap/delete_sec_context.c @@ -37,6 +37,8 @@ gss_delete_sec_context(OM_uint32 *minor, gss_ctx_id_t *context_handle, gss_buffer_t output_token) { + OM_uint32 major; + if (output_token != GSS_C_NO_BUFFER) { output_token->length = 0; output_token->value = NULL; @@ -47,7 +49,22 @@ gss_delete_sec_context(OM_uint32 *minor, return GSS_S_COMPLETE; } - /* Delete context token? */ + if (output_token != GSS_C_NO_BUFFER) { + gss_iov_buffer_desc iov[2]; + + iov[0].type = GSS_IOV_BUFFER_TYPE_DATA; + iov[0].buffer.value = NULL; + iov[0].buffer.length = 0; + + iov[1].type = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_FLAG_ALLOCATE; + iov[1].buffer.value = NULL; + iov[1].buffer.length = 0; + + major = gssEapWrapOrGetMIC(minor, *context_handle, FALSE, FALSE, + iov, 2, TOK_TYPE_DELETE_CONTEXT); + if (GSS_ERROR(major)) + return major; + } return gssEapReleaseContext(minor, context_handle); } diff --git a/mech_eap/display_name_ext.c b/mech_eap/display_name_ext.c index d00119c..ea4b85a 100644 --- a/mech_eap/display_name_ext.c +++ b/mech_eap/display_name_ext.c @@ -39,7 +39,9 @@ gss_display_name_ext(OM_uint32 *minor, gss_buffer_t display_name) { *minor = 0; + display_name->length = 0; - display_name->buffer = NULL; + display_name->value = NULL; + return GSS_S_UNAVAILABLE; } diff --git a/mech_eap/process_context_token.c b/mech_eap/process_context_token.c index c9fa486..201a2a7 100644 --- a/mech_eap/process_context_token.c +++ b/mech_eap/process_context_token.c @@ -37,5 +37,20 @@ gss_process_context_token(OM_uint32 *minor, gss_ctx_id_t ctx, gss_buffer_t token_buffer) { - GSSEAP_NOT_IMPLEMENTED; + OM_uint32 major; + gss_iov_buffer_desc iov[1]; + + if (!CTX_IS_ESTABLISHED(ctx)) { + return GSS_S_NO_CONTEXT; + } + + iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER; + iov[0].buffer = *token_buffer; + + major = gssEapUnwrapOrVerifyMIC(minor, ctx, NULL, NULL, + iov, 1, TOK_TYPE_DELETE_CONTEXT); + if (GSS_ERROR(major)) + return major; + + return gssEapReleaseContext(minor, &ctx); } diff --git a/mech_eap/unwrap_iov.c b/mech_eap/unwrap_iov.c index 4061bee..c084380 100644 --- a/mech_eap/unwrap_iov.c +++ b/mech_eap/unwrap_iov.c @@ -228,8 +228,8 @@ unwrapToken(OM_uint32 *minor, return GSS_S_BAD_SIG; } code = sequenceCheck(&ctx->seqState, seqnum); - } else if (toktype == TOK_TYPE_DELETE) { - if (load_uint16_be(ptr) != TOK_TYPE_DELETE) + } else if (toktype == TOK_TYPE_DELETE_CONTEXT) { + if (load_uint16_be(ptr) != TOK_TYPE_DELETE_CONTEXT) goto defective; goto verify_mic_1; } else { diff --git a/mech_eap/util.h b/mech_eap/util.h index 1495857..0388a30 100644 --- a/mech_eap/util.h +++ b/mech_eap/util.h @@ -253,12 +253,12 @@ enum gss_eap_token_type { TOK_TYPE_NONE = 0x0000, TOK_TYPE_EAP_RESP = 0x0601, TOK_TYPE_EAP_REQ = 0x0602, - TOK_TYPE_GSS_CB = 0x0603, + TOK_TYPE_GSS_CHANNEL_BINDINGS = 0x0603, TOK_TYPE_MIC = 0x0404, TOK_TYPE_WRAP = 0x0504, TOK_TYPE_EXPORT_NAME = 0x0401, TOK_TYPE_EXPORT_NAME_COMPOSITE = 0x0402, - TOK_TYPE_DELETE = 0x0405, + TOK_TYPE_DELETE_CONTEXT = 0x0405, }; size_t