gss_channel_bindings_t chanBindings,
gss_buffer_t inputToken,
gss_buffer_t outputToken,
- int *transitionState);
+ OM_uint32 *smFlags);
#endif
/*
gss_channel_bindings_t chanBindings __attribute__((__unused__)),
gss_buffer_t inputToken,
gss_buffer_t outputToken,
- int *transitionState)
+ OM_uint32 *smFlags)
{
OM_uint32 major;
struct wpabuf *reqData;
wpabuf_free(reqData);
*minor = 0;
- *transitionState = 1;
+ *smFlags |= SM_FLAG_TRANSITION;
return GSS_S_CONTINUE_NEEDED;
}
gss_channel_bindings_t chanBindings,
gss_buffer_t inputToken,
gss_buffer_t outputToken,
- int *transitionState)
+ OM_uint32 *smFlags)
{
OM_uint32 major, tmpMinor;
struct rs_connection *rconn;
if (GSS_ERROR(major))
goto cleanup;
- *transitionState = 1;
+ *smFlags |= SM_FLAG_TRANSITION;
}
major = GSS_S_CONTINUE_NEEDED;
gss_channel_bindings_t chanBindings,
gss_buffer_t inputToken,
gss_buffer_t outputToken,
- int *transitionState)
+ OM_uint32 *smFlags)
{
OM_uint32 major, tmpMinor;
gss_iov_buffer_desc iov[2];
!bufferEqual(&iov[0].buffer, &chanBindings->application_data)) {
major = GSS_S_BAD_BINDINGS;
*minor = GSSEAP_BINDINGS_MISMATCH;
+ } else {
+ major = GSS_S_CONTINUE_NEEDED;
+ *minor = 0;
}
gss_release_buffer(&tmpMinor, &iov[0].buffer);
return major;
}
+static OM_uint32
+eapGssSmAcceptCompleteInitiatorExts(OM_uint32 *minor,
+ gss_cred_id_t cred,
+ gss_ctx_id_t ctx,
+ gss_name_t target __attribute__((__unused__)),
+ gss_OID mech __attribute__((__unused__)),
+ OM_uint32 reqFlags __attribute__((__unused__)),
+ OM_uint32 timeReq __attribute__((__unused__)),
+ gss_channel_bindings_t chanBindings __attribute__((__unused__)),
+ gss_buffer_t inputToken,
+ gss_buffer_t outputToken,
+ OM_uint32 *smFlags)
+{
+ *minor = 0;
+ *smFlags |= SM_FLAG_TRANSITION | SM_FLAG_STOP_EVAL;
+ return GSS_S_CONTINUE_NEEDED;
+}
+
#ifdef GSSEAP_ENABLE_REAUTH
static OM_uint32
eapGssSmAcceptReauthCreds(OM_uint32 *minor,
gss_channel_bindings_t chanBindings __attribute__((__unused__)),
gss_buffer_t inputToken,
gss_buffer_t outputToken,
- int *transitionState)
+ OM_uint32 *smFlags)
{
OM_uint32 major;
#endif
static OM_uint32
-eapGssSmAcceptNegoExtFinished(OM_uint32 *minor,
- gss_cred_id_t cred,
- gss_ctx_id_t ctx,
- gss_name_t target __attribute__((__unused__)),
- gss_OID mech __attribute__((__unused__)),
- OM_uint32 reqFlags __attribute__((__unused__)),
- OM_uint32 timeReq __attribute__((__unused__)),
- gss_channel_bindings_t chanBindings __attribute__((__unused__)),
- gss_buffer_t inputToken,
- gss_buffer_t outputToken,
- int *transitionState)
+eapGssSmAcceptCompleteAcceptorExts(OM_uint32 *minor,
+ gss_cred_id_t cred,
+ gss_ctx_id_t ctx,
+ gss_name_t target __attribute__((__unused__)),
+ gss_OID mech __attribute__((__unused__)),
+ OM_uint32 reqFlags __attribute__((__unused__)),
+ OM_uint32 timeReq __attribute__((__unused__)),
+ gss_channel_bindings_t chanBindings __attribute__((__unused__)),
+ gss_buffer_t inputToken,
+ gss_buffer_t outputToken,
+ OM_uint32 *smFlags)
{
*minor = 0;
- *transitionState = 1;
+ *smFlags |= SM_FLAG_TRANSITION | SM_FLAG_STOP_EVAL;
return GSS_S_COMPLETE;
}
{
ITOK_TYPE_GSS_CHANNEL_BINDINGS,
ITOK_TYPE_NONE,
- GSSEAP_STATE_NEGO_EXT,
+ GSSEAP_STATE_INITIATOR_EXTS,
1, /* critical */
1, /* required */
eapGssSmAcceptGssChannelBindings,
},
+ {
+ ITOK_TYPE_NONE,
+ ITOK_TYPE_NONE,
+ GSSEAP_STATE_INITIATOR_EXTS,
+ 1, /* critical */
+ 1, /* required */
+ eapGssSmAcceptCompleteInitiatorExts,
+ },
#ifdef GSSEAP_ENABLE_REAUTH
{
ITOK_TYPE_NONE,
ITOK_TYPE_REAUTH_CREDS,
- GSSEAP_STATE_NEGO_EXT,
+ GSSEAP_STATE_ACCEPTOR_EXTS,
0, /* critical */
0, /* required */
eapGssSmAcceptReauthCreds,
{
ITOK_TYPE_NONE,
ITOK_TYPE_NONE,
- GSSEAP_STATE_NEGO_EXT,
+ GSSEAP_STATE_ACCEPTOR_EXTS,
1, /* critical */
1, /* required */
- eapGssSmAcceptNegoExtFinished
+ eapGssSmAcceptCompleteAcceptorExts
},
};
if (GSS_ERROR(major))
return major;
- ctx->state = GSSEAP_STATE_NEGO_EXT; /* skip */
-
*minor = 0;
- return GSS_S_COMPLETE; /* advance state */
+ return GSS_S_COMPLETE;
}
static OM_uint32
gss_channel_bindings_t chanBindings,
gss_buffer_t inputToken,
gss_buffer_t outputToken,
- int *transitionState)
+ OM_uint32 *smFlags)
{
OM_uint32 major, tmpMinor;
gss_name_t krbInitiator = GSS_C_NO_NAME;
if (major == GSS_S_COMPLETE) {
major = acceptReadyKrb(minor, ctx, cred,
krbInitiator, mech, timeRec);
- *transitionState = 1;
+ if (major == GSS_S_COMPLETE) {
+ ctx->state = GSSEAP_STATE_ACCEPTOR_EXTS;
+ *smFlags |= SM_FLAG_TRANSITION | SM_FLAG_STOP_EVAL;
+ }
}
ctx->gssFlags = gssFlags;