TOK_TYPE_EXPORT_NAME = 0x0401, /* RFC 2743 exported name */
TOK_TYPE_EXPORT_NAME_COMPOSITE = 0x0402, /* exported composite name */
TOK_TYPE_DELETE_CONTEXT = 0x0405, /* RFC 2743 delete context */
- TOK_TYPE_ESTABLISH_CONTEXT = 0x0601, /* establish context */
+ TOK_TYPE_INITIATOR_CONTEXT = 0x0601, /* initiator-sent context token */
+ TOK_TYPE_ACCEPTOR_CONTEXT = 0x0602, /* acceptor-sent context token */
};
/* inner token types and flags */
unsigned int smFlags = 0;
size_t i, j;
int initialContextToken = 0;
+ enum gss_eap_token_type tokType;
assert(smCount > 0);
outputToken->value = NULL;
if (inputToken != GSS_C_NO_BUFFER && inputToken->length != 0) {
- enum gss_eap_token_type tokType;
-
major = gssEapVerifyToken(minor, ctx, inputToken, &tokType,
&unwrappedInputToken);
if (GSS_ERROR(major))
goto cleanup;
- if (tokType != TOK_TYPE_ESTABLISH_CONTEXT) {
+ if (tokType != (CTX_IS_INITIATOR(ctx)
+ ? TOK_TYPE_ACCEPTOR_CONTEXT : TOK_TYPE_INITIATOR_CONTEXT)) {
major = GSS_S_DEFECTIVE_TOKEN;
*minor = GSSEAP_WRONG_TOK_ID;
goto cleanup;
tmpMajor = gssEapEncodeInnerTokens(&tmpMinor, innerOutputTokens,
outputTokenTypes, &unwrappedOutputToken);
if (tmpMajor == GSS_S_COMPLETE) {
+ if (CTX_IS_INITIATOR(ctx))
+ tokType = TOK_TYPE_INITIATOR_CONTEXT;
+ else
+ tokType = TOK_TYPE_ACCEPTOR_CONTEXT;
+
tmpMajor = gssEapMakeToken(&tmpMinor, ctx, &unwrappedOutputToken,
- TOK_TYPE_ESTABLISH_CONTEXT, outputToken);
+ tokType, outputToken);
if (GSS_ERROR(tmpMajor)) {
major = tmpMajor;
*minor = tmpMinor;