s/kerberosCtx/reauthCtx/g

[moonshot.git] / mech_eap / util_context.c

diff --git a/mech_eap/util_context.c b/mech_eap/util_context.c
index 6aedf17..e9a9308 100644 (file)
--- a/mech_eap/util_context.c
+++ b/mech_eap/util_context.c
@@ -57,7 +57,7 @@ gssEapAllocContext(OM_uint32 *minor,
         return GSS_S_FAILURE;
     }
 
-    ctx->state = GSSEAP_STATE_IDENTITY;
+    ctx->state = GSSEAP_STATE_INITIAL;
 
     /*
      * Integrity, confidentiality, sequencing and replay detection are
@@ -115,7 +115,7 @@ gssEapReleaseContext(OM_uint32 *minor,
 
 #ifdef GSSEAP_ENABLE_REAUTH
     if (ctx->flags & CTX_FLAG_KRB_REAUTH) {
-        gssDeleteSecContext(&tmpMinor, &ctx->kerberosCtx, GSS_C_NO_BUFFER);
+        gssDeleteSecContext(&tmpMinor, &ctx->reauthCtx, GSS_C_NO_BUFFER);
     } else
 #endif
     if (CTX_IS_INITIATOR(ctx)) {
@@ -192,16 +192,9 @@ gssEapVerifyToken(OM_uint32 *minor,
         return major;
 
     if (ctx->mechanismUsed == GSS_C_NO_OID) {
-        if (!gssEapIsConcreteMechanismOid(oid)) {
-            *minor = GSSEAP_WRONG_MECH;
-            return GSS_S_BAD_MECH;
-        }
-
-        if (!gssEapInternalizeOid(oid, &ctx->mechanismUsed)) {
-            major = duplicateOid(minor, oid, &ctx->mechanismUsed);
-            if (GSS_ERROR(major))
-                return major;
-        }
+        major = gssEapCanonicalizeOid(minor, oid, 0, &ctx->mechanismUsed);
+        if (GSS_ERROR(major))
+            return major;
     }
 
     innerInputToken->length = bodySize;
@@ -216,6 +209,8 @@ gssEapContextTime(OM_uint32 *minor,
                   gss_ctx_id_t context_handle,
                   OM_uint32 *time_rec)
 {
+    *minor = 0;
+
     if (context_handle->expiryTime == 0) {
         *time_rec = GSS_C_INDEFINITE;
     } else {