preliminary work on fast reauth

[mech_eap.orig] / util_context.c

diff --git a/util_context.c b/util_context.c
index a96b452..146b9a9 100644 (file)
--- a/util_context.c
+++ b/util_context.c
@@ -106,7 +106,9 @@ gssEapReleaseContext(OM_uint32 *minor,
 
     gssEapKerberosInit(&tmpMinor, &krbContext);
 
-    if (CTX_IS_INITIATOR(ctx)) {
+    if (ctx->flags & CTX_FLAG_KRB_REAUTH_GSS) {
+        gssDeleteSecContext(&tmpMinor, &ctx->kerberosCtx, GSS_C_NO_BUFFER);
+    } else if (CTX_IS_INITIATOR(ctx)) {
         releaseInitiatorContext(&ctx->initiatorCtx);
     } else {
         releaseAcceptorContext(&ctx->acceptorCtx);
@@ -157,6 +159,7 @@ gssEapVerifyToken(OM_uint32 *minor,
                   gss_ctx_id_t ctx,
                   const gss_buffer_t inputToken,
                   enum gss_eap_token_type tokenType,
+                  enum gss_eap_token_type *actualToken,
                   gss_buffer_t innerInputToken)
 {
     OM_uint32 major;
@@ -174,7 +177,8 @@ gssEapVerifyToken(OM_uint32 *minor,
     }
 
     major = verifyTokenHeader(minor, oid, &bodySize, &p,
-                              inputToken->length, tokenType);
+                              inputToken->length, tokenType,
+                              actualToken);
     if (GSS_ERROR(major))
         return GSS_S_DEFECTIVE_TOKEN;