Heimdal portability fixes (except for reauth)

[mech_eap.orig] / gssapiP_eap.h

diff --git a/gssapiP_eap.h b/gssapiP_eap.h
index c617656..b53e131 100644 (file)
--- a/gssapiP_eap.h
+++ b/gssapiP_eap.h
@@ -34,6 +34,7 @@
 #define _GSSAPIP_EAP_H_ 1
 
 #include "config.h"
+
 #include <assert.h>
 #include <string.h>
 #include <errno.h>
@@ -42,25 +43,25 @@
 #include <time.h>
 #include <sys/param.h>
 
-/* GSS includes */
+/* GSS headers */
 #include <gssapi/gssapi.h>
 #include <gssapi/gssapi_krb5.h>
+#ifndef HAVE_HEIMDAL_VERSION
 #include <gssapi/gssapi_ext.h>
+#endif
 #include "gssapi_eap.h"
 
-/* Kerberos includes */
+/* Kerberos headers */
 #include <krb5.h>
 
-/* EAP includes (not C++ clean) */
-#ifndef __cplusplus
+/* EAP headers */
 #include <common.h>
 #include <eap_peer/eap.h>
 #include <eap_peer/eap_config.h>
-#include <crypto/tls.h>
+#include <eap_peer/eap_methods.h>
 #include <wpabuf.h>
-#endif
 
-/* Workaround for FreeRADIUS not being C++ clean */
+/* FreeRADIUS headers */
 #ifdef __cplusplus
 extern "C" {
 #define operator fr_operator
@@ -90,7 +91,12 @@ extern "C" {
 struct gss_eap_saml_attr_ctx;
 struct gss_eap_attr_ctx;
 
-struct gss_name_struct {
+#ifdef HAVE_HEIMDAL_VERSION
+struct gss_name_t_desc_struct
+#else
+struct gss_name_struct
+#endif
+{
     GSSEAP_MUTEX mutex; /* mutex protects attrCtx */
     OM_uint32 flags;
     krb5_principal krbPrincipal; /* this is immutable */
@@ -104,7 +110,12 @@ struct gss_name_struct {
 #define CRED_FLAG_DEFAULT_CCACHE            0x00100000
 #define CRED_FLAG_PUBLIC_MASK               0x0000FFFF
 
-struct gss_cred_id_struct {
+#ifdef HAVE_HEIMDAL_VERSION
+struct gss_cred_id_t_desc_struct
+#else
+struct gss_cred_id_struct
+#endif
+{
     GSSEAP_MUTEX mutex;
     OM_uint32 flags;
     gss_name_t name;
@@ -120,23 +131,23 @@ struct gss_cred_id_struct {
 };
 
 #define CTX_FLAG_INITIATOR                  0x00000001
-#define CTX_FLAG_KRB_REAUTH_GSS             0x00000002
+#define CTX_FLAG_KRB_REAUTH                 0x00000002
 
 #define CTX_IS_INITIATOR(ctx)               (((ctx)->flags & CTX_FLAG_INITIATOR) != 0)
 
 enum gss_eap_state {
-    EAP_STATE_IDENTITY = 0,
-    EAP_STATE_AUTHENTICATE,
-    EAP_STATE_EXTENSIONS_REQ,
-    EAP_STATE_EXTENSIONS_RESP,
-    EAP_STATE_ESTABLISHED,
-    EAP_STATE_ERROR,
+    GSSEAP_STATE_IDENTITY = 0,              /* identify peer */
+    GSSEAP_STATE_AUTHENTICATE,              /* exchange EAP messages */
+    GSSEAP_STATE_EXTENSIONS_REQ,            /* initiator extensions */
+    GSSEAP_STATE_EXTENSIONS_RESP,           /* acceptor extensions */
+    GSSEAP_STATE_ESTABLISHED,               /* context established */
+    GSSEAP_STATE_ERROR,                     /* context error */
 #ifdef GSSEAP_ENABLE_REAUTH
-    EAP_STATE_KRB_REAUTH_GSS
+    GSSEAP_STATE_KRB_REAUTH                 /* fast reauthentication */
 #endif
 };
 
-#define CTX_IS_ESTABLISHED(ctx)             ((ctx)->state == EAP_STATE_ESTABLISHED)
+#define CTX_IS_ESTABLISHED(ctx)             ((ctx)->state == GSSEAP_STATE_ESTABLISHED)
 
 /* Initiator context flags */
 #define CTX_FLAG_EAP_SUCCESS                0x00010000
@@ -168,7 +179,12 @@ struct gss_eap_acceptor_ctx {
     VALUE_PAIR *vps;
 };
 
-struct gss_ctx_id_struct {
+#ifdef HAVE_HEIMDAL_VERSION
+struct gss_ctx_id_t_desc_struct
+#else
+struct gss_ctx_id_struct
+#endif
+{
     GSSEAP_MUTEX mutex;
     enum gss_eap_state state;
     OM_uint32 flags;
@@ -246,6 +262,9 @@ rfc4121Flags(gss_ctx_id_t ctx, int receiving);
 void
 gssEapSaveStatusInfo(OM_uint32 minor, const char *format, ...);
 
+#define IS_WIRE_ERROR(err)              ((err) > GSSEAP_RESERVED && \
+                                         (err) <= GSSEAP_RADIUS_PROT_FAILURE)
+
 #ifdef __cplusplus
 }
 #endif