GSSEAP_KRB_INIT(&krbContext);
krb5_free_principal(krbContext, name->krbPrincipal);
- radiusReleaseAttrContext(&tmpMinor, &name->radiusCtx);
samlReleaseAttrContext(&tmpMinor, &name->samlCtx);
GSSEAP_MUTEX_DESTROY(&name->mutex);
OM_uint32 major, tmpMinor;
krb5_context krbContext;
unsigned char *p;
- int composite = 0;
size_t len, remain;
gss_buffer_desc buf;
enum gss_eap_token_type tok_type;
p += len;
remain -= len;
- if (composite == 0 && remain != 0)
+ if (remain != 0)
return GSS_S_BAD_NAME;
major = importUserName(minor, &buf, pName);
if (GSS_ERROR(major))
return major;
- /* XXX TODO composite handling */
+ if (tok_type == TOK_TYPE_EXPORT_NAME_COMPOSITE) {
+ gss_buffer_desc saml;
+
+ saml.length = remain;
+ saml.value = p;
+
+ major = samlImportAttrContext(minor, &saml, &(*pName)->samlCtx);
+ if (GSS_ERROR(major)) {
+ gssEapReleaseName(&tmpMinor, pName);
+ return major;
+ }
+ }
return GSS_S_COMPLETE;
}
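Review bot: The composite branch can never receive attribute data as written, because the tightened check `if (remain != 0) return GSS_S_BAD_NAME;` now applies to every token type and runs before `saml.length = remain;` is reached. Unless code outside the visible lines changes `remain` in between, a composite name that carries SAML bytes is rejected, and one that passes hands an empty buffer to samlImportAttrContext. Keeping the strict check for plain names only would restore the intent, e.g. `if (tok_type != TOK_TYPE_EXPORT_NAME_COMPOSITE && remain != 0)`. The export side writes a 4-byte big-endian length in front of the SAML blob, so the import should also require `remain >= 4`, read that length and reject the name unless it matches the bytes left, instead of passing `p` and `remain` straight through; the exported-name buffer is caller-supplied and has to be treated as untrusted. The function begins outside this hunk.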
char *krbName = NULL;
size_t krbNameLen;
unsigned char *p;
+ gss_buffer_desc saml;
+
+ saml.length = 0;
+ saml.value = NULL;
exportedName->length = 0;
exportedName->value = NULL;
composite = 0;
*minor = krb5_unparse_name(krbContext, name->krbPrincipal, &krbName);
- if (*minor != 0)
+ if (*minor != 0) {
+ major = GSS_S_FAILURE;
goto cleanup;
+ }
krbNameLen = strlen(krbName);
exportedName->length = 6 + GSS_EAP_MECHANISM->length + 4 + krbNameLen;
if (composite) {
- /* TODO: export SAML/AVP, this is pending specification */
-
+ major = samlExportAttrContext(minor, name->samlCtx, &saml);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ exportedName->length += 4 + saml.length;
}
exportedName->value = GSSEAP_MALLOC(exportedName->length);
if (exportedName->value == NULL) {
+ major = GSS_S_FAILURE;
*minor = ENOMEM;
goto cleanup;
}
memcpy(p, krbName, krbNameLen);
p += krbNameLen;
+ store_uint32_be(saml.length, p);
+ p += 4;
+
+ memcpy(p, saml.value, saml.length);
+ p += saml.length;
+
*minor = 0;
major = GSS_S_COMPLETE;
cleanup:
GSSEAP_MUTEX_UNLOCK(&name->mutex);
+ gss_release_buffer(&tmpMinor, &saml);
if (GSS_ERROR(major))
gss_release_buffer(&tmpMinor, exportedName);
krb5_free_unparsed_name(krbContext, krbName);
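Review bot: The added `store_uint32_be(saml.length, p);` and `memcpy(p, saml.value, saml.length);` after `p += krbNameLen;` run unconditionally in the visible lines, but the matching `exportedName->length += 4 + saml.length;` happens only inside `if (composite)`. For a non-composite export the buffer from GSSEAP_MALLOC is therefore four bytes too small for these writes, and memcpy is called with the NULL `saml.value` set at the top of the function. Guarding the three writes with the same condition as the size computation, `if (composite) { ... }`, keeps allocation and serialization in step. Since `saml.length` is a size_t written as 32 bits, it is also worth failing the export when it does not fit rather than truncating it silently. The function body starts outside this hunk, so please confirm there is no enclosing guard that is simply not shown here.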