Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot

[mech_eap.git] / util_context.c

diff --git a/util_context.c b/util_context.c
index 972afa6..0020ef6 100644 (file)
--- a/util_context.c
+++ b/util_context.c
@@ -30,6 +30,10 @@
  * SUCH DAMAGE.
  */
 
+/*
+ * Utility routines for context handles.
+ */
+
 #include "gssapiP_eap.h"
 
 OM_uint32
@@ -53,7 +57,7 @@ gssEapAllocContext(OM_uint32 *minor,
         return GSS_S_FAILURE;
     }
 
-    ctx->state = EAP_STATE_IDENTITY;
+    ctx->state = GSSEAP_STATE_IDENTITY;
 
     /*
      * Integrity, confidentiality, sequencing and replay detection are
@@ -84,12 +88,15 @@ releaseAcceptorContext(struct gss_eap_acceptor_ctx *ctx)
 {
     OM_uint32 tmpMinor;
 
-    if (ctx->avps != NULL)
-        rc_avpair_free(ctx->avps);
-    if (ctx->radHandle != NULL)
-        rc_config_free(ctx->radHandle);
-
+    if (ctx->radConn != NULL)
+        rs_conn_destroy(ctx->radConn);
+    if (ctx->radContext != NULL)
+        rs_context_destroy(ctx->radContext);
+    if (ctx->radServer != NULL)
+        GSSEAP_FREE(ctx->radServer);
     gss_release_buffer(&tmpMinor, &ctx->state);
+    if (ctx->vps != NULL)
+        gssEapRadiusFreeAvps(&tmpMinor, &ctx->vps);
 }
 
 OM_uint32
@@ -106,9 +113,12 @@ gssEapReleaseContext(OM_uint32 *minor,
 
     gssEapKerberosInit(&tmpMinor, &krbContext);
 
-    if (ctx->flags & CTX_FLAG_KRB_REAUTH_GSS) {
+#ifdef GSSEAP_ENABLE_REAUTH
+    if (ctx->flags & CTX_FLAG_KRB_REAUTH) {
         gssDeleteSecContext(&tmpMinor, &ctx->kerberosCtx, GSS_C_NO_BUFFER);
-    } else if (CTX_IS_INITIATOR(ctx)) {
+    } else
+#endif
+    if (CTX_IS_INITIATOR(ctx)) {
         releaseInitiatorContext(&ctx->initiatorCtx);
     } else {
         releaseAcceptorContext(&ctx->acceptorCtx);
@@ -117,8 +127,9 @@ gssEapReleaseContext(OM_uint32 *minor,
     krb5_free_keyblock_contents(krbContext, &ctx->rfc3961Key);
     gssEapReleaseName(&tmpMinor, &ctx->initiatorName);
     gssEapReleaseName(&tmpMinor, &ctx->acceptorName);
-    gss_release_oid(&tmpMinor, &ctx->mechanismUsed);
+    gssEapReleaseOid(&tmpMinor, &ctx->mechanismUsed);
     sequenceFree(&tmpMinor, &ctx->seqState);
+    gssEapReleaseCred(&tmpMinor, &ctx->defaultCred);
 
     GSSEAP_MUTEX_DESTROY(&ctx->mutex);
 
@@ -181,8 +192,10 @@ gssEapVerifyToken(OM_uint32 *minor,
         return major;
 
     if (ctx->mechanismUsed == GSS_C_NO_OID) {
-        if (!gssEapIsConcreteMechanismOid(oid))
+        if (!gssEapIsConcreteMechanismOid(oid)) {
+            *minor = GSSEAP_WRONG_MECH;
             return GSS_S_BAD_MECH;
+        }
 
         if (!gssEapInternalizeOid(oid, &ctx->mechanismUsed)) {
             major = duplicateOid(minor, oid, &ctx->mechanismUsed);
@@ -203,16 +216,6 @@ gssEapContextTime(OM_uint32 *minor,
                   gss_ctx_id_t context_handle,
                   OM_uint32 *time_rec)
 {
-    if (context_handle == GSS_C_NO_CONTEXT) {
-        return GSS_S_NO_CONTEXT;
-    }
-
-    if (!CTX_IS_ESTABLISHED(context_handle)) {
-        return GSS_S_NO_CONTEXT;
-    }
-
-    *minor = 0;
-
     if (context_handle->expiryTime == 0) {
         *time_rec = GSS_C_INDEFINITE;
     } else {