if (*minor != 0)
return GSS_S_FAILURE;
- nameBuf.value = ssi;
- nameBuf.length = strlen(ssi);
-
- major = gssEapRadiusAddAvp(minor, vps,
- PW_GSS_ACCEPTOR_SERVICE_SPECIFIC,
- VENDORPEC_UKERNA,
+ major = gssEapRadiusAddAvp(minor, req,
+ PW_GSS_ACCEPTOR_SERVICE_SPECIFICS,
+ 0,
&nameBuf);
-
- if (GSS_ERROR(major)) {
- krbFreeUnparsedName(krbContext, &nameBuf);
+#ifdef HAVE_HEIMDAL_VERSION
+ krb5_xfree(ssi);
+#else
+ krb5_free_unparsed_name(krbContext, ssi);
+#endif
+ if (GSS_ERROR(major))
return major;
- }
- krbFreeUnparsedName(krbContext, &nameBuf);
}
krbPrincRealmToGssBuffer(krbPrinc, &nameBuf);
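Review bot: `&nameBuf` is still passed to gssEapRadiusAddAvp() even though this hunk deletes the two lines that pointed it at `ssi`. Unless nameBuf is filled in above the hunk, the service-specific AVP would carry whatever the buffer held from its previous use, so the acceptor identity reported to the RADIUS server would be wrong. Either keep `nameBuf.value = ssi; nameBuf.length = strlen(ssi);` before the call, or confirm that the unparse step now writes into nameBuf directly. The inline `#ifdef HAVE_HEIMDAL_VERSION` free also replaces the krbFreeUnparsedName() helper; keeping the helper would avoid repeating the Heimdal/MIT split at each call site. The enclosing block starts outside the hunk.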
BEGIN-VENDOR UKERNA
-ATTRIBUTE GSS-Acceptor-Service-Name 128 string
-ATTRIBUTE GSS-Acceptor-Host-Name 129 string
-ATTRIBUTE GSS-Acceptor-Service-Specific 130 string
-ATTRIBUTE GSS-Acceptor-Realm-Name 131 string
-ATTRIBUTE SAML-AAA-Assertion 132 string
-ATTRIBUTE MS-Windows-Auth-Data 133 octets
-ATTRIBUTE MS-Windows-Group-Sid 134 string
+ATTRIBUTE GSS-Acceptor-Service-Name-VS 128 string
+ATTRIBUTE GSS-Acceptor-Host-Name-VS 129 string
+ATTRIBUTE GSS-Acceptor-Service-Specific-VS 130 string
+ATTRIBUTE GSS-Acceptor-Realm-Name-VS 131 string
+ATTRIBUTE SAML-AAA-Assertion 132 string
+ATTRIBUTE MS-Windows-Auth-Data 133 octets
+ATTRIBUTE MS-Windows-Group-Sid 134 string
+ ATTRIBUTE EAP-Channel-Binding-Message 135 octets
END-VENDOR UKERNA
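Review bot: The dictionary gives no reason for the `-VS` suffix on attributes 128-131, and the old names disappear without an alias. Any server-side policy or log filter that refers to `GSS-Acceptor-Service-Name` and its siblings by name would presumably stop matching after this change. Because these attributes carry the acceptor identity, a rule that silently stops matching deserves a mention in the commit. Suggest a comment above the block, for example `# -VS: UKERNA vendor-specific forms of the GSS-Acceptor-* attributes`, if that is the intent.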
error_code GSSEAP_BAD_INITIATOR_NAME, "Initiator identity must be a valid name"
error_code GSSEAP_NO_HOSTNAME, "Could not determine local host name"
error_code GSSEAP_NO_ACCEPTOR_NAME, "Could not determine acceptor identity"
+error_code GSSEAP_WRONG_ACCEPTOR_NAME, "Acceptor identity different than expected"
+ error_code GSSEAP_BAD_ACCEPTOR_NAME, "Acceptor name is too long or has too many components"
error_code GSSEAP_BAD_NAME_TOKEN, "Name token is malformed or corrupt"
error_code GSSEAP_NO_LOCAL_MAPPING, "Unable to map name to a local identity"
*/
#include "gssapiP_eap.h"
+ #include "util_radius.h"
+ #include "utils/radius_utils.h"
+
+ #ifdef GSSEAP_ENABLE_ACCEPTOR
-/* stuff that should be provided by libradsec/libfreeradius-radius */
-#define VENDORATTR(vendor, attr) (((vendor) << 16) | (attr))
+#define RS_MAP_ERROR(code) (ERROR_TABLE_BASE_rse + (code))
-#ifndef ATTRID
-#define ATTRID(attr) ((attr) & 0xFFFF)
-#endif
+static rs_avp *copyAvps(rs_const_avp *src);
-static gss_buffer_desc radiusUrnPrefix = {
- sizeof("urn:x-radius:") - 1,
- (void *)"urn:x-radius:"
-};
+static OM_uint32
+gssEapRadiusGetAvp(OM_uint32 *minor,
+ rs_avp *vps,
+ const gss_eap_attrid &attrid,
+ gss_buffer_t buffer,
+ int concat);
-static VALUE_PAIR *copyAvps(const VALUE_PAIR *src);
+static OM_uint32
+gssEapRadiusAddAvp(OM_uint32 *minor,
+ rs_avp **vps,
+ const gss_eap_attrid &attrid,
+ const gss_buffer_t buffer);
+
+static gss_eap_attrid
+avpToAttrId(rs_const_avp *vp)
+{
+ gss_eap_attrid attrid;
+
+ rs_avp_attrid(vp, &attrid.second, &attrid.first);
+
+ return attrid;
+}
gss_eap_radius_attr_provider::gss_eap_radius_attr_provider(void)
{
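Review bot: avpToAttrId() fills `attrid.second` before `attrid.first`, and neither it nor the `gss_eap_attrid` typedef added in the header hunk says which member is the vendor and which is the attribute number. From the call it looks like `.first` is the vendor and `.second` the attribute, but rs_avp_attrid()'s prototype is not visible here, so that should be confirmed. A swapped pair would compare or look up the wrong attribute without any compile error, since both members are `unsigned int`. Suggest a comment on the typedef such as `/* (vendor, attribute): .first = vendor id, .second = attribute type */` and a one-line header comment on avpToAttrId().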
#ifdef __cplusplus
+typedef std::pair <unsigned int, unsigned int> gss_eap_attrid;
+ #ifdef GSSEAP_ENABLE_ACCEPTOR
+
+
struct gss_eap_radius_attr_provider : gss_eap_attr_provider {
public:
gss_eap_radius_attr_provider(void);
extern "C" {
#endif
+ #ifdef GSSEAP_ENABLE_ACCEPTOR
+
OM_uint32
gssEapRadiusAddAvp(OM_uint32 *minor,
- VALUE_PAIR **vp,
- uint16_t type,
- uint16_t vendor,
+ struct rs_packet *pkt,
+ unsigned int type,
+ unsigned int vendor,
const gss_buffer_t buffer);
OM_uint32