krb5_principal krbPrinc;
struct rs_context *rc = ctx->acceptorCtx.radContext;
- assert(rc != NULL);
+ GSSEAP_ASSERT(rc != NULL);
if (ctx->acceptorName == GSS_C_NO_NAME) {
*minor = 0;
GSSEAP_KRB_INIT(&krbContext);
krbPrinc = ctx->acceptorName->krbPrincipal;
- assert(krbPrinc != NULL);
- assert(KRB_PRINC_LENGTH(krbPrinc) >= 2);
+ GSSEAP_ASSERT(krbPrinc != NULL);
+ GSSEAP_ASSERT(KRB_PRINC_LENGTH(krbPrinc) >= 2);
/* Acceptor-Service-Name */
krbPrincComponentToGssBuffer(krbPrinc, 0, &nameBuf);
struct rs_alloc_scheme ralloc;
struct rs_error *err;
- assert(actx->radContext == NULL);
- assert(actx->radConn == NULL);
+ GSSEAP_ASSERT(actx->radContext == NULL);
+ GSSEAP_ASSERT(actx->radConn == NULL);
if (rs_context_create(&actx->radContext) != 0) {
*minor = GSSEAP_RADSEC_CONTEXT_FAILURE;
goto cleanup;
}
- assert(resp != NULL);
+ GSSEAP_ASSERT(resp != NULL);
frresp = rs_packet_frpkt(resp);
switch (frresp->code) {
if (resp != NULL)
rs_packet_destroy(resp);
if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIATOR_EXTS) {
- assert(major == GSS_S_CONTINUE_NEEDED);
+ GSSEAP_ASSERT(major == GSS_S_CONTINUE_NEEDED);
rs_conn_destroy(ctx->acceptorCtx.radConn);
ctx->acceptorCtx.radConn = NULL;
unsigned char *p;
OM_uint32 initiatorGssFlags;
- assert((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
+ GSSEAP_ASSERT((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
if (inputToken->length < 4) {
*minor = GSSEAP_TOK_TRUNC;
}
}
- assert(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
+ GSSEAP_ASSERT(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
cleanup:
if (cred != GSS_C_NO_CREDENTIAL)
major = gssEapInitiatorInit(&minor);
- assert(!GSS_ERROR(major));
+ GSSEAP_ASSERT(!GSS_ERROR(major));
}
#endif
p += ctx->acceptorCtx.state.length;
}
- assert(p == (unsigned char *)token->value + token->length);
+ GSSEAP_ASSERT(p == (unsigned char *)token->value + token->length);
major = GSS_S_COMPLETE;
*minor = 0;
if (partialCtx.value != NULL)
p = store_buffer(&partialCtx, p, FALSE);
- assert(p == (unsigned char *)token->value + token->length);
+ GSSEAP_ASSERT(p == (unsigned char *)token->value + token->length);
major = GSS_S_COMPLETE;
*minor = 0;
}
#ifdef GSSEAP_DEBUG
- assert(remain == 0);
+ GSSEAP_ASSERT(remain == 0);
#endif
*pBuf = p;
}
#ifdef GSSEAP_DEBUG
- assert(remain == 0);
+ GSSEAP_ASSERT(remain == 0);
#endif
#endif /* GSSEAP_ENABLE_ACCEPTOR */
if (ctx == GSS_C_NO_CONTEXT)
return FALSE;
- assert(CTX_IS_INITIATOR(ctx));
+ GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx));
switch (variable) {
case EAPOL_idleWhile:
if (ctx == GSS_C_NO_CONTEXT)
return;
- assert(CTX_IS_INITIATOR(ctx));
+ GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx));
switch (variable) {
case EAPOL_idleWhile:
eapPeerConfig->password = NULL;
eapPeerConfig->password_len = 0;
- assert(cred != GSS_C_NO_CREDENTIAL);
+ GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
GSSEAP_KRB_INIT(&krbContext);
wpa_debug_level = 0;
#endif
- assert(cred->name != GSS_C_NO_NAME);
+ GSSEAP_ASSERT(cred->name != GSS_C_NO_NAME);
if ((cred->name->flags & (NAME_FLAG_NAI | NAME_FLAG_SERVICE)) == 0) {
*minor = GSSEAP_BAD_INITIATOR_NAME;
OM_uint32 major;
gss_cred_id_t cred = ctx->cred;
- assert(cred != GSS_C_NO_CREDENTIAL);
+ GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
if (cred->expiryTime)
ctx->expiryTime = cred->expiryTime;
*minor = GSSEAP_BAD_ERROR_TOKEN;
}
- assert(GSS_ERROR(major));
+ GSSEAP_ASSERT(GSS_ERROR(major));
return major;
}
gss_OID actualMech = GSS_C_NO_OID;
OM_uint32 gssFlags, timeRec;
- assert(cred != GSS_C_NO_CREDENTIAL);
+ GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIAL) {
if (!gssEapCanReauthP(cred, target, timeReq))
ctx->gssFlags = gssFlags;
if (major == GSS_S_COMPLETE) {
- assert(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE);
+ GSSEAP_ASSERT(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE);
major = gssEapReauthComplete(minor, ctx, cred, actualMech, timeRec);
if (GSS_ERROR(major))
#endif
*smFlags |= SM_FLAG_FORCE_SEND_TOKEN;
- assert((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
- assert(inputToken == GSS_C_NO_BUFFER);
+ GSSEAP_ASSERT((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0);
+ GSSEAP_ASSERT(inputToken == GSS_C_NO_BUFFER);
memset(&eapConfig, 0, sizeof(eapConfig));
*minor = 0;
- assert(inputToken != GSS_C_NO_BUFFER);
+ GSSEAP_ASSERT(inputToken != GSS_C_NO_BUFFER);
major = peerConfigInit(minor, ctx);
if (GSS_ERROR(major))
goto cleanup;
- assert(ctx->initiatorCtx.eap != NULL);
- assert(ctx->flags & CTX_FLAG_EAP_PORT_ENABLED);
+ GSSEAP_ASSERT(ctx->initiatorCtx.eap != NULL);
+ GSSEAP_ASSERT(ctx->flags & CTX_FLAG_EAP_PORT_ENABLED);
ctx->flags |= CTX_FLAG_EAP_REQ; /* we have a Request from the acceptor */
OM_uint32 tmpMajor;
gss_buffer_desc respBuf;
- assert(major == GSS_S_CONTINUE_NEEDED);
+ GSSEAP_ASSERT(major == GSS_S_CONTINUE_NEEDED);
respBuf.length = wpabuf_len(resp);
respBuf.value = (void *)wpabuf_head(resp);
if (GSS_ERROR(major))
return major;
- assert(outputToken->value != NULL);
+ GSSEAP_ASSERT(outputToken->value != NULL);
*minor = 0;
*smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL;
if (GSS_ERROR(major))
goto cleanup;
- assert(ctx->cred != GSS_C_NO_CREDENTIAL);
+ GSSEAP_ASSERT(ctx->cred != GSS_C_NO_CREDENTIAL);
}
GSSEAP_MUTEX_LOCK(&ctx->cred->mutex);
- assert(ctx->cred->flags & CRED_FLAG_RESOLVED);
- assert(ctx->cred->flags & CRED_FLAG_INITIATE);
+ GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_RESOLVED);
+ GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_INITIATE);
if (initialContextToken) {
major = initBegin(minor, ctx, target_name, mech_type,
if (time_rec != NULL)
gssEapContextTime(&tmpMinor, ctx, time_rec);
- assert(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
+ GSSEAP_ASSERT(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
cleanup:
if (cred != GSS_C_NO_CREDENTIAL)
output_token->length = 0;
output_token->value = NULL;
- assert(ctx == GSS_C_NO_CONTEXT || ctx->mechanismUsed != GSS_C_NO_OID);
+ GSSEAP_ASSERT(ctx == GSS_C_NO_CONTEXT || ctx->mechanismUsed != GSS_C_NO_OID);
if (ctx == GSS_C_NO_CONTEXT) {
if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) {
*qop_state = GSS_C_QOP_DEFAULT;
header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
- assert(header != NULL);
+ GSSEAP_ASSERT(header != NULL);
padding = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
if (padding != NULL && padding->buffer.length != 0) {
GSSEAP_KRB_INIT(&krbContext);
- assert(toktype == TOK_TYPE_WRAP);
+ GSSEAP_ASSERT(toktype == TOK_TYPE_WRAP);
if (toktype != TOK_TYPE_WRAP) {
code = GSSEAP_WRONG_TOK_ID;
}
stream = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_STREAM);
- assert(stream != NULL);
+ GSSEAP_ASSERT(stream != NULL);
if (stream->buffer.length < 16) {
major = GSS_S_DEFECTIVE_TOKEN;
tdata->buffer.length = stream->buffer.length - ttrailer->buffer.length -
tpadding->buffer.length - theader->buffer.length;
- assert(data != NULL);
+ GSSEAP_ASSERT(data != NULL);
if (data->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
code = gssEapAllocIov(tdata, tdata->buffer.length);
theader->buffer.length;
}
- assert(i <= iov_count + 2);
+ GSSEAP_ASSERT(i <= iov_count + 2);
major = unwrapToken(&code, ctx, KRB_CRYPTO_CONTEXT(ctx),
conf_state, qop_state, tiov, i, toktype);
#define GSSAPI_CALLCONV KRB5_CALLCONV
#endif
+#ifndef GSSEAP_ASSERT
+#include <assert.h>
+#define GSSEAP_ASSERT(x) assert((x))
+#endif /* !GSSEAP_ASSERT */
+
#ifdef WIN32
#define GSSEAP_CONSTRUCTOR
#define GSSEAP_DESTRUCTOR
#endif
#define GSSEAP_NOT_IMPLEMENTED do { \
- assert(0 && "not implemented"); \
+ GSSEAP_ASSERT(0 && "not implemented"); \
*minor = ENOSYS; \
return GSS_S_FAILURE; \
} while (0)
krb5_free_data_contents(kcontext, &radius_ad->avpdata);
radius_ad->verified = FALSE;
- assert(authdata[0] != NULL);
+ GSSEAP_ASSERT(authdata[0] != NULL);
radius_ad->avpdata.data = GSSEAP_MALLOC(authdata[0]->length);
if (radius_ad->avpdata.data == NULL)
{
OM_uint32 major, minor;
- assert(gssEapAttrProvidersInitStatus == GSS_S_UNAVAILABLE);
+ GSSEAP_ASSERT(gssEapAttrProvidersInitStatus == GSS_S_UNAVAILABLE);
major = gssEapRadiusAttrProviderInit(&minor);
if (GSS_ERROR(major))
cleanup:
#ifdef GSSEAP_DEBUG
- assert(major == GSS_S_COMPLETE);
+ GSSEAP_ASSERT(major == GSS_S_COMPLETE);
#endif
gssEapAttrProvidersInitStatus = major;
gss_eap_attr_ctx::registerProvider(unsigned int type,
gss_eap_attr_create_provider factory)
{
- assert(type <= ATTR_TYPE_MAX);
+ GSSEAP_ASSERT(type <= ATTR_TYPE_MAX);
- assert(gssEapAttrFactories[type] == NULL);
+ GSSEAP_ASSERT(gssEapAttrFactories[type] == NULL);
gssEapAttrFactories[type] = factory;
}
void
gss_eap_attr_ctx::unregisterProvider(unsigned int type)
{
- assert(type <= ATTR_TYPE_MAX);
+ GSSEAP_ASSERT(type <= ATTR_TYPE_MAX);
gssEapAttrFactories[type] = NULL;
}
gss_eap_attr_provider *
gss_eap_attr_ctx::getProvider(unsigned int type) const
{
- assert(type >= ATTR_TYPE_MIN && type <= ATTR_TYPE_MAX);
+ GSSEAP_ASSERT(type >= ATTR_TYPE_MIN && type <= ATTR_TYPE_MAX);
return m_providers[type];
}
}
cleanup:
- assert(GSS_ERROR(major));
+ GSSEAP_ASSERT(GSS_ERROR(major));
return major;
}
gss_eap_attr_ctx *ctx = NULL;
OM_uint32 major = GSS_S_FAILURE;
- assert(name->attrCtx == NULL);
+ GSSEAP_ASSERT(name->attrCtx == NULL);
if (GSS_ERROR(gssEapAttrProvidersInit(minor)))
return GSS_S_UNAVAILABLE;
major = ctx->mapException(minor, e);
}
- assert(major == GSS_S_COMPLETE || name->attrCtx == NULL);
+ GSSEAP_ASSERT(major == GSS_S_COMPLETE || name->attrCtx == NULL);
if (GSS_ERROR(major))
delete ctx;
gss_eap_attr_ctx *ctx = NULL;
OM_uint32 major = GSS_S_FAILURE;
- assert(out->attrCtx == NULL);
+ GSSEAP_ASSERT(out->attrCtx == NULL);
if (in->attrCtx == NULL) {
*minor = 0;
major = in->attrCtx->mapException(minor, e);
}
- assert(major == GSS_S_COMPLETE || out->attrCtx == NULL);
+ GSSEAP_ASSERT(major == GSS_S_COMPLETE || out->attrCtx == NULL);
if (GSS_ERROR(major))
delete ctx;
gss_eap_attr_ctx *ctx = NULL;
OM_uint32 major;
- assert(gssCtx != GSS_C_NO_CONTEXT);
+ GSSEAP_ASSERT(gssCtx != GSS_C_NO_CONTEXT);
*pAttrContext = NULL;
return code;
header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
- assert(header != NULL);
+ GSSEAP_ASSERT(header != NULL);
trailer = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
- assert(rrc != 0 || trailer != NULL);
+ GSSEAP_ASSERT(rrc != 0 || trailer != NULL);
if (trailer == NULL) {
if (rrc != k5_checksumlen)
OM_uint32 tmpMinor;
gss_ctx_id_t ctx;
- assert(*pCtx == GSS_C_NO_CONTEXT);
+ GSSEAP_ASSERT(*pCtx == GSS_C_NO_CONTEXT);
ctx = (gss_ctx_id_t)GSSEAP_CALLOC(1, sizeof(*ctx));
if (ctx == NULL) {
{
unsigned char *p;
- assert(ctx->mechanismUsed != GSS_C_NO_OID);
+ GSSEAP_ASSERT(ctx->mechanismUsed != GSS_C_NO_OID);
outputToken->length = tokenSize(ctx->mechanismUsed, innerToken->length);
outputToken->value = GSSEAP_MALLOC(outputToken->length);
tokens = verifyMIC ? ctx->inputTokens : ctx->outputTokens;
- assert(tokens != NULL);
+ GSSEAP_ASSERT(tokens != NULL);
iov = GSSEAP_CALLOC(2 + (3 * tokens->buffers.count) + 1, sizeof(*iov));
if (iov == NULL) {
}
/* Mechanism OID */
- assert(ctx->mechanismUsed != GSS_C_NO_OID);
+ GSSEAP_ASSERT(ctx->mechanismUsed != GSS_C_NO_OID);
iov[i].type = GSS_IOV_BUFFER_TYPE_DATA;
iov[i].buffer.length = ctx->mechanismUsed->length;
iov[i].buffer.value = ctx->mechanismUsed->elements;
}
if (verifyMIC) {
- assert(tokenMIC->length >= 16);
+ GSSEAP_ASSERT(tokenMIC->length >= 16);
- assert(i < 2 + (3 * tokens->buffers.count));
+ GSSEAP_ASSERT(i < 2 + (3 * tokens->buffers.count));
iov[i].type = GSS_IOV_BUFFER_TYPE_HEADER;
iov[i].buffer.length = 16;
OM_uint32 minor;
int present = 0;
- assert(mech != GSS_C_NO_OID);
+ GSSEAP_ASSERT(mech != GSS_C_NO_OID);
if (cred == GSS_C_NO_CREDENTIAL || cred->mechanisms == GSS_C_NO_OID_SET)
return TRUE;
*pkiov_count = 0;
header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
- assert(header != NULL);
+ GSSEAP_ASSERT(header != NULL);
trailer = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
- assert(trailer == NULL || rrc == 0);
+ GSSEAP_ASSERT(trailer == NULL || rrc == 0);
code = krbCryptoLength(context, crypto, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
if (code != 0)
int i;
size_t data_length = 0, assoc_data_length = 0;
- assert(iov != GSS_C_NO_IOV_BUFFER);
+ GSSEAP_ASSERT(iov != GSS_C_NO_IOV_BUFFER);
*data_length_p = *assoc_data_length_p = 0;
int i;
OM_uint32 min_stat;
- assert(iov != GSS_C_NO_IOV_BUFFER);
+ GSSEAP_ASSERT(iov != GSS_C_NO_IOV_BUFFER);
for (i = 0; i < iov_count; i++) {
if (iov[i].type & GSS_IOV_BUFFER_FLAG_ALLOCATED) {
int i;
krb5_boolean has_conf_data = FALSE;
- assert(iov != GSS_C_NO_IOV_BUFFER);
+ GSSEAP_ASSERT(iov != GSS_C_NO_IOV_BUFFER);
for (i = 0; i < iov_count; i++) {
if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_DATA) {
int
gssEapAllocIov(gss_iov_buffer_t iov, size_t size)
{
- assert(iov != GSS_C_NO_IOV_BUFFER);
- assert(iov->type & GSS_IOV_BUFFER_FLAG_ALLOCATE);
+ GSSEAP_ASSERT(iov != GSS_C_NO_IOV_BUFFER);
+ GSSEAP_ASSERT(iov->type & GSS_IOV_BUFFER_FLAG_ALLOCATE);
iov->buffer.length = size;
iov->buffer.value = GSSEAP_MALLOC(size);
unsigned char constant[4 + sizeof("rfc4121-gss-eap") - 1], *p;
ssize_t i, remain;
- assert(encryptionType != ENCTYPE_NULL);
+ GSSEAP_ASSERT(encryptionType != ENCTYPE_NULL);
memset(pKey, 0, sizeof(*pKey));
{
MoonshotError *error = *pError;
- assert(error != NULL);
+ GSSEAP_ASSERT(error != NULL);
switch (error->code) {
case MOONSHOT_ERROR_UNABLE_TO_START_SERVICE:
return GSS_S_FAILURE;
}
- assert(krbPrinc != NULL);
+ GSSEAP_ASSERT(krbPrinc != NULL);
major = krbPrincipalToName(minor, &krbPrinc, pName);
if (GSS_ERROR(major))
if (major == GSS_S_COMPLETE &&
mechType != GSS_C_NO_OID) {
- assert(gssEapIsConcreteMechanismOid(mechType));
- assert(name->mechanismUsed == GSS_C_NO_OID);
+ GSSEAP_ASSERT(gssEapIsConcreteMechanismOid(mechType));
+ GSSEAP_ASSERT(name->mechanismUsed == GSS_C_NO_OID);
major = gssEapCanonicalizeOid(minor, mechType, 0, &name->mechanismUsed);
}
p += attrs.length;
}
- assert(p == (unsigned char *)exportedName->value + exportedNameLen);
+ GSSEAP_ASSERT(p == (unsigned char *)exportedName->value + exportedNameLen);
major = GSS_S_COMPLETE;
*minor = 0;
return false;
/* We assume libradsec validated this for us */
- assert(pairfind(m_vps, PW_MESSAGE_AUTHENTICATOR) != NULL);
+ GSSEAP_ASSERT(pairfind(m_vps, PW_MESSAGE_AUTHENTICATOR) != NULL);
m_authenticated = true;
}
}
bool bInternalAttribute = false;
/* should have been filtered */
- assert(!isSecretAttributeP(attrid, vendor));
+ GSSEAP_ASSERT(!isSecretAttributeP(attrid, vendor));
switch (vendor) {
case VENDORPEC_UKERNA:
{
JSONObject obj;
- assert(vp->length <= MAX_STRING_LEN);
+ GSSEAP_ASSERT(vp->length <= MAX_STRING_LEN);
switch (vp->type) {
case PW_TYPE_INTEGER:
{
int code;
- assert(err != NULL);
+ GSSEAP_ASSERT(err != NULL);
code = rs_err_code(err, 0);
GSSEAP_KRB_INIT(&krbContext);
- assert(cred != GSS_C_NO_CREDENTIAL);
- assert(target != GSS_C_NO_NAME);
+ GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
+ GSSEAP_ASSERT(target != GSS_C_NO_NAME);
if (cred->name == GSS_C_NO_NAME ||
!reauthUseCredsCache(krbContext, cred->name->krbPrincipal))
time_t now, expiryReq;
OM_uint32 minor;
- assert(cred != GSS_C_NO_CREDENTIAL);
+ GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
now = time(NULL);
expiryReq = now;
/* Then we may be creating from an existing attribute context */
const gss_eap_saml_assertion_provider *saml;
- assert(m_assertion == NULL);
+ GSSEAP_ASSERT(m_assertion == NULL);
if (!gss_eap_attr_provider::initWithExistingContext(manager, ctx))
return false;
int authenticated, complete;
OM_uint32 minor;
- assert(m_assertion == NULL);
+ GSSEAP_ASSERT(m_assertion == NULL);
if (!gss_eap_attr_provider::initWithGssContext(manager, gssCred, gssCtx))
return false;
attribute->getAttributeValues().push_back(attributeValue);
- assert(attributeStatement != NULL);
+ GSSEAP_ASSERT(attributeStatement != NULL);
attributeStatement->getAttributes().push_back(attribute);
delete components;
{
int i = 0;
- assert(m_initialized);
+ GSSEAP_ASSERT(m_initialized);
for (vector<Attribute *>::const_iterator a = m_attributes.begin();
a != m_attributes.end();
vector <string> ids(1, attrStr);
BinaryAttribute *a = new BinaryAttribute(ids);
- assert(m_initialized);
+ GSSEAP_ASSERT(m_initialized);
if (value->length != 0) {
string valueStr((char *)value->value, value->length);
{
int i;
- assert(m_initialized);
+ GSSEAP_ASSERT(m_initialized);
i = getAttributeIndex(attr);
if (i >= 0)
gss_eap_shib_attr_provider::getAttributeTypes(gss_eap_attr_enumeration_cb addAttribute,
void *data) const
{
- assert(m_initialized);
+ GSSEAP_ASSERT(m_initialized);
for (vector<Attribute*>::const_iterator a = m_attributes.begin();
a != m_attributes.end();
{
const Attribute *ret = NULL;
- assert(m_initialized);
+ GSSEAP_ASSERT(m_initialized);
for (vector<Attribute *>::const_iterator a = m_attributes.begin();
a != m_attributes.end();
gss_buffer_desc displayValueBuf = GSS_C_EMPTY_BUFFER;
int nvalues, i = *more;
- assert(m_initialized);
+ GSSEAP_ASSERT(m_initialized);
*more = 0;
{
gss_any_t output;
- assert(m_initialized);
+ GSSEAP_ASSERT(m_initialized);
if (authenticated && !m_authenticated)
return (gss_any_t)NULL;
gss_eap_shib_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id GSSEAP_UNUSED,
gss_any_t input) const
{
- assert(m_initialized);
+ GSSEAP_ASSERT(m_initialized);
vector <Attribute *> *v = ((vector <Attribute *> *)input);
delete v;
if (!gss_eap_attr_provider::initWithJsonObject(ctx, obj))
return false;
- assert(m_authenticated == false);
- assert(m_attributes.size() == 0);
+ GSSEAP_ASSERT(m_authenticated == false);
+ GSSEAP_ASSERT(m_attributes.size() == 0);
JSONObject jattrs = obj["attributes"];
size_t nelems = jattrs.size();
#define SM_FLAG_TRANSITED 0x80000000
#define SM_ASSERT_VALID(ctx, status) do { \
- assert(GSS_ERROR((status)) || \
+ GSSEAP_ASSERT(GSS_ERROR((status)) || \
((status) == GSS_S_CONTINUE_NEEDED && ((ctx)->state > GSSEAP_STATE_INITIAL && (ctx)->state < GSSEAP_STATE_ESTABLISHED)) || \
((status) == GSS_S_COMPLETE && (ctx)->state == GSSEAP_STATE_ESTABLISHED)); \
} while (0)
void
gssEapSmTransition(gss_ctx_id_t ctx, enum gss_eap_state state)
{
- assert(state >= GSSEAP_STATE_INITIAL);
- assert(state <= GSSEAP_STATE_ESTABLISHED);
+ GSSEAP_ASSERT(state >= GSSEAP_STATE_INITIAL);
+ GSSEAP_ASSERT(state <= GSSEAP_STATE_ESTABLISHED);
fprintf(stderr, "GSS-EAP: state transition %s->%s\n",
gssEapStateToString(GSSEAP_SM_STATE(ctx)),
unsigned char errorData[8];
gss_buffer_desc errorBuffer;
- assert(GSS_ERROR(majorStatus));
+ GSSEAP_ASSERT(GSS_ERROR(majorStatus));
/*
* Only return error codes that the initiator could have caused,
int initialContextToken = 0;
enum gss_eap_token_type tokType;
- assert(smCount > 0);
+ GSSEAP_ASSERT(smCount > 0);
*minor = 0;
goto cleanup;
}
- assert(ctx->state < GSSEAP_STATE_ESTABLISHED);
+ GSSEAP_ASSERT(ctx->state < GSSEAP_STATE_ESTABLISHED);
major = gssEapDecodeInnerTokens(minor, &unwrappedInputToken, &inputTokens);
if (GSS_ERROR(major))
if (innerOutputToken.value != NULL) {
outputTokens.buffers.elements[outputTokens.buffers.count] = innerOutputToken;
- assert(smp->outputTokenType != ITOK_TYPE_NONE);
+ GSSEAP_ASSERT(smp->outputTokenType != ITOK_TYPE_NONE);
outputTokens.types[outputTokens.buffers.count] = smp->outputTokenType;
if (smFlags & SM_FLAG_OUTPUT_TOKEN_CRITICAL)
outputTokens.types[outputTokens.buffers.count] |= ITOK_FLAG_CRITICAL;
}
}
- assert(outputTokens.buffers.count <= smCount);
+ GSSEAP_ASSERT(outputTokens.buffers.count <= smCount);
/* Check we understood all critical tokens sent by peer */
if (!GSS_ERROR(major)) {
}
/* If the context is established, empty tokens only to be emitted by initiator */
- assert(!CTX_IS_ESTABLISHED(ctx) || ((outputToken->length == 0) == CTX_IS_INITIATOR(ctx)));
+ GSSEAP_ASSERT(!CTX_IS_ESTABLISHED(ctx) || ((outputToken->length == 0) == CTX_IS_INITIATOR(ctx)));
SM_ASSERT_VALID(ctx, major);
for (i = 0; i < tokens->buffers.count; i++) {
gss_buffer_t tokenBuffer = &tokens->buffers.elements[i];
- assert((tokens->types[i] & ITOK_FLAG_VERIFIED) == 0); /* private flag */
+ GSSEAP_ASSERT((tokens->types[i] & ITOK_FLAG_VERIFIED) == 0); /* private flag */
/*
* Extensions are encoded as type-length-value, where the upper
p += 8 + tokenBuffer->length;
}
- assert(p == (unsigned char *)buffer->value + required);
- assert(buffer->value != NULL);
+ GSSEAP_ASSERT(p == (unsigned char *)buffer->value + required);
+ GSSEAP_ASSERT(buffer->value != NULL);
major = GSS_S_COMPLETE;
*minor = 0;
size_t
tokenSize(const gss_OID_desc *mech, size_t body_size)
{
- assert(mech != GSS_C_NO_OID);
+ GSSEAP_ASSERT(mech != GSS_C_NO_OID);
/* set body_size to sequence contents size */
body_size += 4 + (size_t) mech->length; /* NEED overflow check */
*(*buf)++ = (unsigned char)mech->length;
memcpy(*buf, mech->elements, mech->length);
*buf += mech->length;
- assert(tok_type != TOK_TYPE_NONE);
+ GSSEAP_ASSERT(tok_type != TOK_TYPE_NONE);
*(*buf)++ = (unsigned char)((tok_type>>8) & 0xff);
*(*buf)++ = (unsigned char)(tok_type & 0xff);
}
if (code != 0)
goto cleanup;
- assert(gssTrailerLen <= 0xFFFF);
+ GSSEAP_ASSERT(gssTrailerLen <= 0xFFFF);
if (trailer == NULL) {
rrc = gssTrailerLen;
else
trailer->buffer.length = gssTrailerLen;
- assert(gssPadLen == 0 || padding != NULL);
+ GSSEAP_ASSERT(gssPadLen == 0 || padding != NULL);
if (padding != NULL)
padding->buffer.length = gssPadLen;