comment out dumping code

[mech_eap.orig] / export_sec_context.c

diff --git a/export_sec_context.c b/export_sec_context.c
index 001dd5b..2ea2c5c 100644 (file)
--- a/export_sec_context.c
+++ b/export_sec_context.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, JANET(UK)
+ * Copyright (c) 2011, JANET(UK)
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -30,6 +30,11 @@
  * SUCH DAMAGE.
  */
 
+/*
+ * Serialise a security context. On the acceptor, this may be partially
+ * established.
+ */
+
 #include "gssapiP_eap.h"
 
 static OM_uint32
@@ -38,20 +43,25 @@ gssEapExportPartialContext(OM_uint32 *minor,
                            gss_buffer_t token)
 {
     OM_uint32 major, tmpMinor;
-    size_t length, serverLen;
+    size_t length, serverLen = 0;
     unsigned char *p;
-
-    if (ctx->acceptorCtx.radServer != NULL)
-        serverLen = strlen(ctx->acceptorCtx.radServer);
-    else
-        serverLen = 0;
+    char serverBuf[MAXHOSTNAMELEN];
+
+    if (ctx->acceptorCtx.radConn != NULL) {
+        if (rs_conn_get_current_peer(ctx->acceptorCtx.radConn,
+                                     serverBuf, sizeof(serverBuf)) != 0) {
+            return gssEapRadiusMapError(minor,
+                                        rs_err_conn_pop(ctx->acceptorCtx.radConn));
+        }
+        serverLen = strlen(serverBuf);
+    }
 
     length = 4 + serverLen + 4 + ctx->acceptorCtx.state.length;
 
     token->value = GSSEAP_MALLOC(length);
     if (token->value == NULL) {
-        *minor = ENOMEM;
         major = GSS_S_FAILURE;
+        *minor = ENOMEM;
         goto cleanup;
     }
     token->length = length;
@@ -61,7 +71,7 @@ gssEapExportPartialContext(OM_uint32 *minor,
     store_uint32_be(serverLen, p);
     p += 4;
     if (serverLen != 0) {
-        memcpy(p, ctx->acceptorCtx.radServer, serverLen);
+        memcpy(p, serverBuf, serverLen);
         p += serverLen;
     }
 
@@ -75,6 +85,9 @@ gssEapExportPartialContext(OM_uint32 *minor,
 
     assert(p == (unsigned char *)token->value + token->length);
 
+    major = GSS_S_COMPLETE;
+    *minor = 0;
+
 cleanup:
     if (GSS_ERROR(major))
         gss_release_buffer(&tmpMinor, token);
@@ -96,8 +109,10 @@ gssEapExportSecContext(OM_uint32 *minor,
     unsigned char *p;
 
     if ((CTX_IS_INITIATOR(ctx) && !CTX_IS_ESTABLISHED(ctx)) ||
-        ctx->mechanismUsed == GSS_C_NO_OID)
+        ctx->mechanismUsed == GSS_C_NO_OID) {
+        *minor = GSSEAP_CONTEXT_INCOMPLETE;
         return GSS_S_NO_CONTEXT;
+    }
 
     key.length = KRB_KEY_LENGTH(&ctx->rfc3961Key);
     key.value  = KRB_KEY_DATA(&ctx->rfc3961Key);
@@ -122,7 +137,7 @@ gssEapExportSecContext(OM_uint32 *minor,
      * contexts.
      */
     if (!CTX_IS_INITIATOR(ctx) && !CTX_IS_ESTABLISHED(ctx)) {
-        assert((ctx->flags & CTX_FLAG_KRB_REAUTH_GSS) == 0);
+        assert((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
 
         major = gssEapExportPartialContext(minor, ctx, &partialCtx);
         if (GSS_ERROR(major))
@@ -141,8 +156,8 @@ gssEapExportSecContext(OM_uint32 *minor,
 
     token->value = GSSEAP_MALLOC(length);
     if (token->value == NULL) {
-        *minor = ENOMEM;
         major = GSS_S_FAILURE;
+        *minor = ENOMEM;
         goto cleanup;
     }
     token->length = length;
@@ -150,7 +165,7 @@ gssEapExportSecContext(OM_uint32 *minor,
     p = (unsigned char *)token->value;
 
     store_uint32_be(EAP_EXPORT_CONTEXT_V1, &p[0]);        /* version */
-    store_uint32_be(ctx->state,            &p[4]);
+    store_uint32_be(GSSEAP_SM_STATE(ctx),  &p[4]);
     store_uint32_be(ctx->flags,            &p[8]);
     store_uint32_be(ctx->gssFlags,         &p[12]);
     p = store_oid(ctx->mechanismUsed,      &p[16]);
@@ -202,7 +217,7 @@ gss_export_sec_context(OM_uint32 *minor,
 
     if (ctx == GSS_C_NO_CONTEXT) {
         *minor = EINVAL;
-        return GSS_S_NO_CONTEXT;
+        return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT;
     }
 
     *minor = 0;