gss_OID_set *actual_mechs,
OM_uint32 *time_rec)
{
- *minor = 0;
-
return gssEapAcquireCred(minor, desired_name, GSS_C_NO_BUFFER,
time_req, desired_mechs, cred_usage,
output_cred_handle, actual_mechs, time_rec);
gss_OID_set *actual_mechs,
OM_uint32 *time_rec)
{
- *minor = 0;
-
return gssEapAcquireCred(minor, desired_name, password,
time_req, desired_mechs, cred_usage,
output_cred_handle, actual_mechs, time_rec);
gss_ctx_id_t ctx,
OM_uint32 *time_rec)
{
- OM_uint32 major;
+ OM_uint32 major = GSS_S_NO_CONTEXT;
*minor = 0;
GSSEAP_MUTEX_LOCK(&ctx->mutex);
- if (!CTX_IS_ESTABLISHED(ctx)) {
- major = GSS_S_NO_CONTEXT;
- goto cleanup;
+ if (CTX_IS_ESTABLISHED(ctx)) {
+ major = gssEapContextTime(minor, ctx, time_rec);
}
- major = gssEapContextTime(minor, ctx, time_rec);
-
-cleanup:
GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
return major;
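Review bot: `GSSEAP_MUTEX_LOCK(&ctx->mutex)` dereferences `ctx` with no null-handle guard visible in this hunk, while the same commit adds one to other entry points (`if (ctx == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT;`). A caller passing `GSS_C_NO_CONTEXT` would fault inside the lock macro instead of getting a status back. Adding that guard right after `*minor = 0;` would make this function consistent with the others. The signature starts above the hunk and the closing brace lies below it.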
major = gssEapWrapOrGetMIC(minor, ctx, FALSE, FALSE,
iov, 2, TOK_TYPE_DELETE_CONTEXT);
- if (GSS_ERROR(major))
+ if (GSS_ERROR(major)) {
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
return major;
+ }
}
GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
OM_uint32 major = GSS_S_UNAVAILABLE;
int i;
+ *minor = 0;
*data_set = GSS_C_NO_BUFFER_SET;
+ if (cred_handle == GSS_C_NO_CREDENTIAL)
+ return GSS_S_NO_CRED;
+
+ GSSEAP_MUTEX_LOCK(&cred_handle->mutex);
+
for (i = 0; i < sizeof(inquireCredOps) / sizeof(inquireCredOps[0]); i++) {
if (oidEqual(&inquireCredOps[i].oid, desired_object)) {
major = (*inquireCredOps[i].inquire)(minor, cred_handle,
}
}
+ GSSEAP_MUTEX_UNLOCK(&cred_handle->mutex);
+
return major;
}
{
OM_uint32 major, tmpMinor;
+ *minor = 0;
+
if (name_is_MN != NULL)
*name_is_MN = 1;
if (MN_mech != NULL)
gss_buffer_t value)
{
*minor = 0;
+
return GSS_S_UNAVAILABLE;
}
OM_uint32 major;
gss_iov_buffer_desc iov[1];
+ *minor = 0;
+
+ if (ctx == NULL)
+ return GSS_S_NO_CONTEXT;
+
+ GSSEAP_MUTEX_LOCK(&ctx->mutex);
+
if (!CTX_IS_ESTABLISHED(ctx)) {
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
return GSS_S_NO_CONTEXT;
}
major = gssEapUnwrapOrVerifyMIC(minor, ctx, NULL, NULL,
iov, 1, TOK_TYPE_DELETE_CONTEXT);
- if (GSS_ERROR(major))
+ if (GSS_ERROR(major)) {
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
return major;
+ }
+
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
return gssEapReleaseContext(minor, &ctx);
}
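Review bot: On the success path the mutex is dropped by `GSSEAP_MUTEX_UNLOCK(&ctx->mutex);` immediately before `gssEapReleaseContext(minor, &ctx)`, so a thread blocked on that mutex can be woken while the context is being torn down. The lock therefore protects the token check but not the object's lifetime. If the design relies on callers never using a context concurrently with its deletion, a comment above the release would record that, e.g. `/* caller must ensure no other thread still uses ctx; the mutex does not guard its destruction */`. `gssEapReleaseContext` is not shown here, so how it treats a contended mutex should be confirmed; the function's signature is above the hunk.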
unsigned char *p;
krb5_context krbContext;
+ *minor = 0;
+
prf_out->length = 0;
prf_out->value = NULL;
- if (!CTX_IS_ESTABLISHED(ctx))
+ if (ctx == GSS_C_NO_CONTEXT)
+ return GSS_S_NO_CONTEXT;
+
+ GSSEAP_MUTEX_LOCK(&ctx->mutex);
+
+ if (!CTX_IS_ESTABLISHED(ctx)) {
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
return GSS_S_NO_CONTEXT;
+ }
GSSEAP_KRB_INIT(&krbContext);
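Review bot: `GSSEAP_KRB_INIT(&krbContext);` now runs with `ctx->mutex` held, and it is used as a bare statement with no status check, which suggests the macro returns from the function itself on failure. Its definition is not visible here, but if that is the case the early return skips the `GSSEAP_MUTEX_UNLOCK(&ctx->mutex);` added under `cleanup:` and the context stays locked. The call does not take `ctx`, so moving it above `GSSEAP_MUTEX_LOCK(&ctx->mutex);` (after the `GSS_C_NO_CONTEXT` check) avoids the problem. The function begins above this hunk and continues below it.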
ns.length = 0;
ns.data = NULL;
- if (prf_key != GSS_C_PRF_KEY_FULL &&
+ if (prf_key != GSS_C_PRF_KEY_PARTIAL &&
prf_key != GSS_C_PRF_KEY_FULL) {
code = EINVAL;
goto cleanup;
}
cleanup:
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
+
if (code != 0)
gss_release_buffer(&tmpMinor, prf_out);
krb5_free_data_contents(krbContext, &ns);
krb5_free_data_contents(krbContext, &t);
*minor = code;
+
return (code == 0) ? GSS_S_COMPLETE : GSS_S_FAILURE;
}
-
{
OM_uint32 major;
+ *minor = 0;
+
if (name == GSS_C_NO_NAME) {
*minor = EINVAL;
return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
const gss_buffer_t value)
{
OM_uint32 major = GSS_S_UNAVAILABLE;
+ gss_ctx_id_t ctx = *pCtx;
int i;
+ if (ctx != GSS_C_NO_CONTEXT)
+ GSSEAP_MUTEX_LOCK(&ctx->mutex);
+
for (i = 0; i < sizeof(setCtxOps) / sizeof(setCtxOps[0]); i++) {
if (oidEqual(&setCtxOps[i].oid, desired_object)) {
- major = (*setCtxOps[i].setOption)(minor, pCtx,
+ major = (*setCtxOps[i].setOption)(minor, &ctx,
desired_object, value);
break;
}
}
+ if (*pCtx == NULL)
+ *pCtx = ctx;
+ else
+ GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
+
return major;
}
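Review bot: The closing `GSSEAP_MUTEX_UNLOCK(&ctx->mutex);` uses the local `ctx` after the handler received `&ctx`, so if any `setOption` handler replaces or clears the handle, the unlock targets a different or null object than the one locked. The new value is also never written back, because `*pCtx = ctx;` runs only when `*pCtx` was NULL. Keeping the locked handle in its own variable, e.g. `gss_ctx_id_t locked = *pCtx;`, and unlocking `locked` would make the lock/unlock pairing explicit. Separately, `*pCtx` is read with no check that `pCtx` is non-null, and `*minor` is left unset when no OID matches; `*minor = 0;` at the top would match the other entry points in this commit.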
OM_uint32
gss_store_cred(OM_uint32 *minor,
- const gss_cred_id_t input_cred_handle,
+ const gss_cred_id_t cred,
gss_cred_usage_t input_usage,
const gss_OID desired_mech,
OM_uint32 overwrite_cred,
gss_OID_set *elements_stored,
gss_cred_usage_t *cred_usage_stored)
{
+ OM_uint32 major = GSS_S_UNAVAILABLE;
+
+ *minor = 0;
+
if (elements_stored != NULL)
*elements_stored = GSS_C_NO_OID_SET;
if (cred_usage_stored != NULL)
*cred_usage_stored = input_usage;
- if (input_cred_handle == GSS_C_NO_CREDENTIAL)
+ if (cred == GSS_C_NO_CREDENTIAL)
return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CRED;
+ GSSEAP_MUTEX_LOCK(&cred->mutex);
+
#ifdef GSSEAP_ENABLE_REAUTH
- if (input_cred_handle->krbCred != GSS_C_NO_CREDENTIAL) {
- return gssStoreCred(minor,
- input_cred_handle->krbCred,
- input_usage,
- (gss_OID)gss_mech_krb5,
- overwrite_cred,
- default_cred,
- elements_stored,
- cred_usage_stored);
+ if (cred->krbCred != GSS_C_NO_CREDENTIAL) {
+ major = gssStoreCred(minor,
+ cred->krbCred,
+ input_usage,
+ (gss_OID)gss_mech_krb5,
+ overwrite_cred,
+ default_cred,
+ elements_stored,
+ cred_usage_stored);
}
#endif
- *minor = 0;
- return GSS_S_UNAVAILABLE;
+ GSSEAP_MUTEX_UNLOCK(&cred->mutex);
+
+ return major;
}
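Review bot: `GSSEAP_MUTEX_LOCK(&cred->mutex);` and its matching unlock sit outside `#ifdef GSSEAP_ENABLE_REAUTH`, so a build without reauth locks and unlocks around nothing. The only state read under the lock is `cred->krbCred`, so both calls could move inside the `#ifdef` block. Alternatively a comment could say what the lock protects, e.g. `/* guards cred->krbCred while it is handed to the krb5 mechanism */`. Note also that `default_cred` is passed to `gssStoreCred` but does not appear in the parameter list as shown in this hunk; worth confirming the full signature still declares it.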
gss_iov_buffer_desc *iov,
int iov_count)
{
- OM_uint32 major;
+ OM_uint32 major = GSS_C_NO_CONTEXT;
+
+ *minor = 0;
if (ctx == GSS_C_NO_CONTEXT)
return GSS_S_NO_CONTEXT;
GSSEAP_MUTEX_LOCK(&ctx->mutex);
- if (!CTX_IS_ESTABLISHED(ctx)) {
- *minor = 0;
- major = GSS_S_NO_CONTEXT;
- } else {
+ if (CTX_IS_ESTABLISHED(ctx)) {
major = gssEapUnwrapOrVerifyMIC(minor, ctx, conf_state, qop_state,
iov, iov_count, TOK_TYPE_WRAP);
}
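Review bot: `OM_uint32 major = GSS_C_NO_CONTEXT;` initialises the status with the null context-handle constant, not the status code `GSS_S_NO_CONTEXT`. The handle constant converts to 0, which is `GSS_S_COMPLETE`, so with the old `else` branch removed a call on a context that is not yet established leaves `major` at success without unwrapping anything (assuming `major` is what the function returns; the tail is outside the hunk). The line should read `OM_uint32 major = GSS_S_NO_CONTEXT;`, as the context-time hunk in this same commit does. The wrap hunk that follows has the identical initialiser and needs the same fix.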
int *conf_state,
gss_buffer_t output_message_buffer)
{
- OM_uint32 major;
+ OM_uint32 major = GSS_C_NO_CONTEXT;
+
+ *minor = 0;
if (ctx == GSS_C_NO_CONTEXT)
return GSS_S_NO_CONTEXT;
GSSEAP_MUTEX_LOCK(&ctx->mutex);
- if (!CTX_IS_ESTABLISHED(ctx)) {
- *minor = 0;
- major = GSS_S_NO_CONTEXT;
- } else {
+ if (CTX_IS_ESTABLISHED(ctx)) {
major = gssEapWrap(minor, ctx, conf_req_flag, qop_req,
input_message_buffer,
conf_state, output_message_buffer);