use macros for state accessors

diff --git a/accept_sec_context.c b/accept_sec_context.c
index 8f83630..608ec58 100644 (file)
--- a/accept_sec_context.c
+++ b/accept_sec_context.c
@@ -850,7 +850,7 @@ gss_accept_sec_context(OM_uint32 *minor,
         }
     }
 
-    assert(ctx->state == GSSEAP_STATE_ESTABLISHED || major == GSS_S_CONTINUE_NEEDED);
+    assert(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED);
 
 cleanup:
     if (cred != GSS_C_NO_CREDENTIAL)

diff --git a/export_sec_context.c b/export_sec_context.c
index e50b6e5..2ea2c5c 100644 (file)
--- a/export_sec_context.c
+++ b/export_sec_context.c
@@ -165,7 +165,7 @@ gssEapExportSecContext(OM_uint32 *minor,
     p = (unsigned char *)token->value;
 
     store_uint32_be(EAP_EXPORT_CONTEXT_V1, &p[0]);        /* version */
-    store_uint32_be(ctx->state,            &p[4]);
+    store_uint32_be(GSSEAP_SM_STATE(ctx),  &p[4]);
     store_uint32_be(ctx->flags,            &p[8]);
     store_uint32_be(ctx->gssFlags,         &p[12]);
     p = store_oid(ctx->mechanismUsed,      &p[16]);

diff --git a/import_sec_context.c b/import_sec_context.c
index 0289c0c..08c5005 100644 (file)
--- a/import_sec_context.c
+++ b/import_sec_context.c
@@ -251,8 +251,8 @@ gssEapImportContext(OM_uint32 *minor,
     remain -= 16;
 
     /* Validate state */
-    if (ctx->state < GSSEAP_STATE_INITIAL ||
-        ctx->state > GSSEAP_STATE_ESTABLISHED)
+    if (GSSEAP_SM_STATE(ctx) < GSSEAP_STATE_INITIAL ||
+        GSSEAP_SM_STATE(ctx) > GSSEAP_STATE_ESTABLISHED)
         return GSS_S_DEFECTIVE_TOKEN;
 
     /* Only acceptor can export partial context tokens */

diff --git a/util.h b/util.h
index ec80a20..bb6f367 100644 (file)
--- a/util.h
+++ b/util.h
@@ -546,6 +546,8 @@ enum gss_eap_state {
 
 #define GSSEAP_STATE_NEXT(s)    ((s) << 1)
 
+#define GSSEAP_SM_STATE(ctx)                ((ctx)->state)
+
 #ifdef GSSEAP_DEBUG
 void gssEapSmTransition(gss_ctx_id_t ctx, enum gss_eap_state state);
 #define GSSEAP_SM_TRANSITION(ctx, state)    gssEapSmTransition((ctx), (state))
@@ -553,7 +555,7 @@ void gssEapSmTransition(gss_ctx_id_t ctx, enum gss_eap_state state);
 #define GSSEAP_SM_TRANSITION(ctx, state)    do { (ctx)->state = (state); } while (0)
 #endif
 
-#define GSSEAP_SM_TRANSITION_NEXT(ctx)      GSSEAP_SM_TRANSITION((ctx), GSSEAP_STATE_NEXT((ctx)->state))
+#define GSSEAP_SM_TRANSITION_NEXT(ctx)      GSSEAP_SM_TRANSITION((ctx), GSSEAP_STATE_NEXT(GSSEAP_SM_STATE((ctx))))
 
 /* state machine entry */
 struct gss_eap_sm {
@@ -576,6 +578,7 @@ struct gss_eap_sm {
 
 #define SM_FLAG_FORCE_SEND_TOKEN            0x00000001  /* send token even if empty */
 #define SM_FLAG_STOP_EVAL                   0x00000002  /* no more handlers for this state */
+#define SM_FLAG_RESTART                     0x00000004  /* restart state machine */
 
 #define SM_ITOK_FLAG_CRITICAL               0x00000001  /* sent tokens marked critical */
 #define SM_ITOK_FLAG_REQUIRED               0x00000002  /* received tokens must be present */