if ((code == CHBIND_CODE_SUCCESS) &&
(accepted == ctx->initiatorCtx.chbindReqFlags)) {
ctx->flags |= CTX_FLAG_EAP_CHBIND_ACCEPT;
+ ctx->gssFlags |= GSS_C_MUTUAL_FLAG;
/* Accepted! */
} else {
/* log failures? */
const unsigned char *key;
size_t keyLength;
-#if 1
- /* XXX actually check for mutual auth */
- if (reqFlags & GSS_C_MUTUAL_FLAG)
- ctx->gssFlags |= GSS_C_MUTUAL_FLAG;
-#endif
-
/* Cache encryption type derived from selected mechanism OID */
major = gssEapOidToEnctype(minor, ctx->mechanismUsed, &ctx->encryptionType);
if (GSS_ERROR(major))
goto cleanup;
}
}
- if (ret_flags != NULL) {
- if ((major == GSS_S_COMPLETE) &&
- (ctx->flags & CTX_FLAG_EAP_CHBIND_ACCEPT))
- *ret_flags = ctx->gssFlags | GSS_C_MUTUAL_FLAG;
- else
- *ret_flags = ctx->gssFlags & (~GSS_C_MUTUAL_FLAG);
- }
+
+ if (ret_flags != NULL)
+ *ret_flags = ctx->gssFlags;
+
if (major == GSS_S_COMPLETE)
major = major;
if (time_rec != NULL)