From d7e3c500114d71a698ddbc193acb63b930f8f795 Mon Sep 17 00:00:00 2001
From: Luke Howard
Date: Tue, 21 Sep 2010 14:42:04 +0200
Subject: [PATCH] set acceptor name
---
 mech_eap/accept_sec_context.c | 42 +++++++++++++++++++++++++++++++++++++-----
 mech_eap/util_radius.cpp | 13 ++++++++-----
 mech_eap/util_radius.h | 9 +++++++++
 3 files changed, 54 insertions(+), 10 deletions(-)
diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c
index bb182bc..8350272 100644
--- a/mech_eap/accept_sec_context.c
+++ b/mech_eap/accept_sec_context.c
@@ -183,6 +183,34 @@ importInitiatorIdentity(OM_uint32 *minor,
 }
 static OM_uint32
+setAcceptorIdentity(OM_uint32 *minor,
+ gss_ctx_id_t ctx,
+ VALUE_PAIR **avps)
+{
+ OM_uint32 major, tmpMinor;
+ gss_buffer_desc nameBuf;
+
+ /* Awaits further specification */
+ if (ctx->acceptorName == GSS_C_NO_NAME)
+ return GSS_S_COMPLETE;
+
+ major = gss_display_name(minor, ctx->acceptorName, &nameBuf, NULL);
+ if (GSS_ERROR(major))
+ return major;
+
+ major = addAvpFromBuffer(minor, ctx->acceptorCtx.radHandle, avps,
+ RADIUS_VENDOR_ATTR_GSS_EAP_ACCEPTOR_SERVICE_NAME,
+ RADIUS_VENDOR_ID_GSS_EAP,
+ &nameBuf);
+ if (GSS_ERROR(major))
+ return major;
+
+ gss_release_buffer(&tmpMinor, &nameBuf);
+
+ return major;
+}
+
+static OM_uint32
 eapGssSmAcceptAuthenticate(OM_uint32 *minor,
 gss_ctx_id_t ctx,
 gss_cred_id_t cred,
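Review bot: setAcceptorIdentity leaks `nameBuf` when addAvpFromBuffer fails, because the second `if (GSS_ERROR(major)) return major;` returns before `gss_release_buffer` runs. The buffer was filled by gss_display_name and nothing else in the function frees it. Move `gss_release_buffer(&tmpMinor, &nameBuf);` to directly after the addAvpFromBuffer call, ahead of the error check, so both paths release it. The early `return GSS_S_COMPLETE` for `GSS_C_NO_NAME` also deserves a fuller comment than "Awaits further specification": as written the request goes out with no acceptor attribute at all, and a reader cannot tell whether the RADIUS server is expected to tolerate that.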
@@ -210,17 +238,21 @@ eapGssSmAcceptAuthenticate(OM_uint32 *minor,
 if (GSS_ERROR(major))
 goto cleanup;
- major = addAvpFromBuffer(minor, rh, &send, PW_USER_NAME, &nameBuf);
+ major = addAvpFromBuffer(minor, rh, &send, PW_USER_NAME, 0, &nameBuf);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ major = setAcceptorIdentity(minor, ctx, &send);
 if (GSS_ERROR(major))
 goto cleanup;
 }
- major = addAvpFromBuffer(minor, rh, &send, PW_EAP_MESSAGE, inputToken);
+ major = addAvpFromBuffer(minor, rh, &send, PW_EAP_MESSAGE, 0, inputToken);
 if (GSS_ERROR(major))
 goto cleanup;
 if (ctx->acceptorCtx.lastStatus == CHALLENGE_RC) {
- major = addAvpFromBuffer(minor, rh, &send, PW_STATE,
+ major = addAvpFromBuffer(minor, rh, &send, PW_STATE, 0,
 &ctx->acceptorCtx.state);
 if (GSS_ERROR(major))
 goto cleanup;
@@ -250,14 +282,14 @@ eapGssSmAcceptAuthenticate(OM_uint32 *minor,
 ctx->acceptorCtx.lastStatus = code;
- major = getBufferFromAvps(minor, received, PW_EAP_MESSAGE,
+ major = getBufferFromAvps(minor, received, PW_EAP_MESSAGE, 0,
 outputToken, TRUE);
 if ((major == GSS_S_UNAVAILABLE && code != OK_RC) ||
 GSS_ERROR(major))
 goto cleanup;
 if (code == CHALLENGE_RC) {
- major = getBufferFromAvps(minor, received, PW_STATE,
+ major = getBufferFromAvps(minor, received, PW_STATE, 0,
 &ctx->acceptorCtx.state, TRUE);
 if (major != GSS_S_UNAVAILABLE && GSS_ERROR(major))
 goto cleanup;
diff --git a/mech_eap/util_radius.cpp b/mech_eap/util_radius.cpp
index 61b1c9c..c9aec8d 100644
--- a/mech_eap/util_radius.cpp
+++ b/mech_eap/util_radius.cpp
@@ -376,9 +376,11 @@ addAvpFromBuffer(OM_uint32 *minor,
 rc_handle *rh,
 VALUE_PAIR **vp,
 int type,
+ int vendor,
 gss_buffer_t buffer)
 {
- if (rc_avpair_add(rh, vp, type, buffer->value, buffer->length, 0) == NULL) {
+ if (rc_avpair_add(rh, vp, type,
+ buffer->value, buffer->length, vendor) == NULL) {
 return GSS_S_FAILURE;
 }
@@ -389,6 +391,7 @@ OM_uint32
 getBufferFromAvps(OM_uint32 *minor,
 VALUE_PAIR *vps,
 int type,
+ int vendor,
 gss_buffer_t buffer,
 int concat)
 {
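Review bot: In the hunk at -210 of eapGssSmAcceptAuthenticate, the new `setAcceptorIdentity(minor, ctx, &send)` call adds its AVP through `ctx->acceptorCtx.radHandle`, while every neighbouring addAvpFromBuffer call uses the local `rh`. If `rh` is always that same handle (its assignment is outside the hunk) the result is identical, but two routes to one handle while building a single request are easy to let drift apart. Either pass `rh` into the helper or add a comment at the call such as `/* uses ctx->acceptorCtx.radHandle, same handle as rh */`.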
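Review bot: addAvpFromBuffer (util_radius.cpp, hunk at -376) forwards `buffer->length` to rc_avpair_add with no upper bound, and the `inputToken` passed for `PW_EAP_MESSAGE` is presumably the peer's token. Whether the library rejects, truncates or splits a value longer than one RADIUS attribute is not visible in this diff, so the behaviour relied on should be stated above the call, e.g. `/* rc_avpair_add is expected to fail on values too long for one attribute -- TODO confirm */`, or checked explicitly. The failure branch also returns `GSS_S_FAILURE` without writing `*minor`, so the new setAcceptorIdentity hands its caller a stale minor status on this path.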
@@ -398,13 +401,13 @@ getBufferFromAvps(OM_uint32 *minor,
 buffer->length = 0;
 buffer->value = NULL;
- vp = rc_avpair_get(vps, type, 0);
+ vp = rc_avpair_get(vps, type, vendor);
 if (vp == NULL)
 return GSS_S_UNAVAILABLE;
 do {
 buffer->length += vp->lvalue;
- } while (concat && (vp = rc_avpair_get(vp->next, type, 0)) != NULL);
+ } while (concat && (vp = rc_avpair_get(vp->next, type, vendor)) != NULL);
 buffer->value = GSSEAP_MALLOC(buffer->length);
 if (buffer->value == NULL) {
@@ -414,9 +417,9 @@ getBufferFromAvps(OM_uint32 *minor,
 p = (unsigned char *)buffer->value;
- for (vp = rc_avpair_get(vps, type, 0);
+ for (vp = rc_avpair_get(vps, type, vendor);
 concat && vp != NULL;
- vp = rc_avpair_get(vp->next, type, 0)) {
+ vp = rc_avpair_get(vp->next, type, vendor)) {
 memcpy(p, vp->strvalue, vp->lvalue);
 p += vp->lvalue;
 }
diff --git a/mech_eap/util_radius.h b/mech_eap/util_radius.h
index acc2283..4c10291 100644
--- a/mech_eap/util_radius.h
+++ b/mech_eap/util_radius.h
@@ -110,12 +110,14 @@ addAvpFromBuffer(OM_uint32 *minor,
 rc_handle *rh,
 VALUE_PAIR **vp,
 int type,
+ int vendor,
 gss_buffer_t buffer);
 OM_uint32
 getBufferFromAvps(OM_uint32 *minor,
 VALUE_PAIR *vps,
 int type,
+ int vendor,
 gss_buffer_t buffer,
 int concat);
@@ -136,6 +138,13 @@ enum {
 RADIUS_VENDOR_ATTR_MS_MPPE_SEND_KEY = 16,
 RADIUS_VENDOR_ATTR_MS_MPPE_RECV_KEY = 17
 };
+/* OK, this is completely unassigned */
+#define RADIUS_VENDOR_ID_GSS_EAP 5322
+
+enum { RADIUS_VENDOR_ATTR_GSS_EAP_ACCEPTOR_SERVICE_NAME = 1,
+ RADIUS_VENDOR_ATTR_GSS_EAP_ACCEPTOR_HOST_NAME,
+ RADIUS_VENDOR_ATTR_GSS_EAP_ACCEPTOR_REALM_NAME };
+
 #ifdef __cplusplus
 }
 #endif
--
2.1.4
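Review bot: With `concat` false, getBufferFromAvps returns a buffer that was sized but never filled. The sizing loop in the hunk at -398 is a do/while and counts the first AVP, but the copy loop in the hunk at -414 tests `concat && vp != NULL` and so never runs; unless GSSEAP_MALLOC zeroes memory (not shown), the caller receives `buffer->length` bytes of uninitialised heap. Every call in this commit passes TRUE, so the path is latent, but the fix is small: make the loop condition `vp != NULL;` and add `if (!concat) break;` after `p += vp->lvalue;`. The function starts and ends outside both hunks.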
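Review bot: Both prototypes in util_radius.h (hunk at -110) gain `int vendor` with nothing in the header saying what a caller should pass. The call sites in this commit use `0` for standard attributes and `RADIUS_VENDOR_ID_GSS_EAP` for the new one, so a short comment above addAvpFromBuffer would make the contract explicit: `/* vendor: 0 for standard RADIUS attributes, otherwise the vendor ID of a vendor-specific attribute */`.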
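Review bot: `RADIUS_VENDOR_ID_GSS_EAP 5322` (util_radius.h, hunk at -136) is unassigned by its own comment, yet this commit starts sending it on the wire in a vendor-specific attribute. A RADIUS server or proxy that knows that number from another vendor's dictionary may interpret the attribute differently, and any policy keyed on the acceptor name would then act on the wrong data. Expand the comment to say so, e.g. `/* Placeholder vendor ID, not registered: replace before interoperating with deployed servers */`. The new attribute enum also puts its first enumerator on the `enum {` line, which may not match the layout of the enum closed just above it; one enumerator per line would read more clearly.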