#include "gssapi_eap.h"
#include "util.h"
+/* Kerberos includes */
+#include <krb5.h>
+
/* EAP includes */
#include <common.h>
#include <eap_peer/eap.h>
#include <crypto/tls.h> /* XXX testing implementation only */
#include <wpabuf.h>
-/* Kerberos includes */
-#include <krb5.h>
-
#define NAME_FLAG_NAI 0x00000001
#define NAME_FLAG_SERVICE 0x00000002
-#define NAME_FLAG_SAML 0x00000010
-#define NAME_FLAG_RADIUS 0x00000020
-#define NAME_HAS_ATTRIBUTES(name) ((name)->flags & \
- (NAME_FLAG_SAML | NAME_FLAG_RADIUS))
+#define NAME_HAS_ATTRIBUTES(name) ((name)->samlCtx != NULL)
-struct eap_gss_saml_assertion;
-struct eap_gss_avp_list;
+struct eap_gss_saml_attr_ctx;
struct gss_name_struct {
GSSEAP_MUTEX mutex; /* mutex protecting attributes */
OM_uint32 flags;
krb5_principal krbPrincipal; /* this is immutable */
- struct eap_gss_saml_assertion *assertion;
- struct eap_gss_avp_list *avps;
+ struct eap_gss_saml_attr_ctx *samlCtx;
};
#define CRED_FLAG_INITIATE 0x00000001
OM_uint32 flags;
OM_uint32 gssFlags;
gss_OID mechanismUsed;
+ krb5_cksumtype checksumType;
krb5_enctype encryptionType;
krb5_keyblock rfc3961Key;
gss_name_t initiatorName;
gss_name_t acceptorName;
time_t expiryTime;
+ uint64_t sendSeq, recvSeq;
+ void *seqState;
union {
struct eap_gss_initiator_ctx initiator;
#define initiatorCtx ctxU.initiator
struct eap_gss_acceptor_ctx acceptor;
#define acceptorCtx ctxU.acceptor
} ctxU;
- uint64_t sendSeq, recvSeq;
- void *seqState;
};
#define TOK_FLAG_SENDER_IS_ACCEPTOR 0x01
int iov_count,
enum gss_eap_token_type toktype);
-
#endif /* _GSSAPIP_EAP_H_ */