#include <errno.h>
#include <unistd.h>
#include <stdlib.h>
+#include <stdarg.h>
#include <time.h>
#include <sys/param.h>
/* GSS headers */
#include <gssapi/gssapi.h>
#include <gssapi/gssapi_krb5.h>
-#ifndef HAVE_HEIMDAL_VERSION
+#ifdef HAVE_HEIMDAL_VERSION
+typedef struct gss_any *gss_any_t;
+#else
#include <gssapi/gssapi_ext.h>
#endif
#include "gssapi_eap.h"
{
GSSEAP_MUTEX mutex; /* mutex protects attrCtx */
OM_uint32 flags;
+ gss_OID mechanismUsed; /* this is immutable */
krb5_principal krbPrincipal; /* this is immutable */
struct gss_eap_attr_ctx *attrCtx;
};
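Review bot: The comment on the added `mechanismUsed` member says it is immutable but not who owns the OID it points to. `gss_OID` is a pointer type, so this line does not tell a reader whether the release path must free it or whether it aliases a static mechanism OID. Getting that wrong means either a leak or a free of static storage. I would extend the comment, for example `gss_OID mechanismUsed; /* immutable after creation; <owned copy | static OID> */`, filling in whichever holds. The struct's opening line and its release function are outside this hunk.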
#define CTX_FLAG_INITIATOR 0x00000001
#define CTX_FLAG_KRB_REAUTH 0x00000002
+#define CTX_FLAG_KRB_REAUTH_SUPPORTED 0x00000004
#define CTX_IS_INITIATOR(ctx) (((ctx)->flags & CTX_FLAG_INITIATOR) != 0)
struct gss_eap_initiator_ctx {
unsigned int idleWhile;
-#ifndef __cplusplus
struct eap_peer_config eapPeerConfig;
struct eap_sm *eap;
struct wpabuf reqData;
-#endif
};
struct gss_eap_acceptor_ctx {
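Review bot: Dropping the `#ifndef __cplusplus` guard means C++ translation units now compile `struct eap_peer_config eapPeerConfig` and `struct wpabuf reqData`, both embedded by value, so they need the complete definitions of those types in scope. The includes that provide them are not visible in this hunk, so please confirm they are reached from C++ builds and wrapped in `extern "C"`. A short comment above the members would record the requirement, e.g. `/* embedded by value: C and C++ units must see the same complete definitions */`.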
struct gss_eap_acceptor_ctx acceptor;
#define acceptorCtx ctxU.acceptor
#ifdef GSSEAP_ENABLE_REAUTH
- gss_ctx_id_t kerberos;
- #define kerberosCtx ctxU.kerberos
+ gss_ctx_id_t reauth;
+ #define reauthCtx ctxU.reauth
#endif
} ctxU;
+ gss_buffer_desc conversation;
};
#define TOK_FLAG_SENDER_IS_ACCEPTOR 0x01
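Review bot: The new `conversation` member at the end of the context struct has no comment on ownership, and the hunk does not show where it is released. A `gss_buffer_desc` holds a heap pointer and a length, so the context-deletion path has to release it, and any export/import code has to decide whether it is part of the serialized state. If it accumulates exchanged tokens (the name suggests so, but that is not confirmed here), it should also be cleared before release. Suggested: `gss_buffer_desc conversation; /* owned by ctx; released on context deletion */`. The struct's opening lines are outside this hunk.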
#define IS_WIRE_ERROR(err) ((err) > GSSEAP_RESERVED && \
(err) <= GSSEAP_RADIUS_PROT_FAILURE)
+/* export_sec_context.c */
+OM_uint32
+gssEapExportSecContext(OM_uint32 *minor,
+ gss_ctx_id_t ctx,
+ gss_buffer_t token);
+
+
#ifdef __cplusplus
}
#endif
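Review bot: The `gssEapExportSecContext` prototype is added without a contract comment. For a function that serializes a security context, callers need to know who allocates and releases `token` and whether `ctx` stays usable after the call. They also need to know whether the token must be handled as secret, which is likely if it carries session keys, though that is not shown here. I would add a short header comment above the prototype covering those three points. The two blank lines added after the declaration can be reduced to one.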