- nsMoonshotSessionState();
-
- virtual ~nsMoonshotSessionState() {
- OM_uint32 minor_status;
- if (mCtx != GSS_C_NO_CONTEXT)
- (void)gss_delete_sec_context(&minor_status, &mCtx, GSS_C_NO_BUFFER);
- mCtx = GSS_C_NO_CONTEXT;
- mech_oid = GSS_C_NO_OID;
- }
-
- NS_IMETHOD Reset() {
- OM_uint32 minor_status;
- if (mCtx != GSS_C_NO_CONTEXT)
- (void)gss_delete_sec_context(&minor_status, &mCtx, GSS_C_NO_BUFFER);
- mCtx = GSS_C_NO_CONTEXT;
- context_state = 0;
- return NS_OK;
- }
- gss_OID GetOID() { return (mech_oid); }
-
- // TEST
- int GetCount() { return ++count; }
-
- gss_ctx_id_t mCtx;
- int context_state;
-private:
- gss_OID mech_oid;
- int count;
-};
-
-nsMoonshotSessionState::nsMoonshotSessionState()
-{
- OM_uint32 minstat, majstat;
- //gss_buffer_desc buffer;
- gss_OID_set mech_set;
- //int mech_found = 0;
- unsigned int i;
- gss_OID item;
-
-
- mCtx = GSS_C_NO_CONTEXT;
- mech_oid = &gss_krb5_mech_oid_desc;
- context_state = 0;
-
- //
- // Now, look at the list of supported mechanisms,
- // if SPNEGO is found, then use it.
- // Otherwise, set the desired mechanism to krb5
- //
- // Using Kerberos directly (instead of negotiating
- // with SPNEGO) may work in some cases depending
- // on how smart the server side is.
- //
-
- // TEST
- count = 0;
- LOG(("nsMoonshotSessionState::nsMoonshotSessionState [count=%d]\n", count));
-
- majstat = gss_indicate_mechs(&minstat, &mech_set);
- if (GSS_ERROR(majstat))
- return;
-
- for (i=0; i<mech_set->count; i++) {
- item = &mech_set->elements[i];
- if (item->length == gss_spnego_mech_oid_desc.length &&
- !memcmp(item->elements, gss_spnego_mech_oid_desc.elements,
- item->length)) {
- mech_oid = &gss_spnego_mech_oid_desc;
- break;
- }
- }
- (void) gss_release_oid_set(&minstat, &mech_set);
-/* HACK: */
- parse_oid("{1 3 6 1 4 1 5322 22 1 18}", &mech_oid);