case GSSEAP_STATE_ACCEPTOR_EXTS:
s = "ACCEPTOR_EXTS";
break;
+#ifdef GSSEAP_ENABLE_REAUTH
case GSSEAP_STATE_REAUTHENTICATE:
s = "REAUTHENTICATE";
break;
+#endif
case GSSEAP_STATE_ESTABLISHED:
s = "ESTABLISHED";
break;
unsigned int smFlags = 0;
size_t i, j;
int initialContextToken = 0;
+ enum gss_eap_token_type tokType;
assert(smCount > 0);
outputToken->value = NULL;
if (inputToken != GSS_C_NO_BUFFER && inputToken->length != 0) {
- enum gss_eap_token_type tokType;
-
major = gssEapVerifyToken(minor, ctx, inputToken, &tokType,
&unwrappedInputToken);
if (GSS_ERROR(major))
goto cleanup;
- if (tokType != TOK_TYPE_ESTABLISH_CONTEXT) {
+ if (tokType != (CTX_IS_INITIATOR(ctx)
+ ? TOK_TYPE_ACCEPTOR_CONTEXT : TOK_TYPE_INITIATOR_CONTEXT)) {
major = GSS_S_DEFECTIVE_TOKEN;
*minor = GSSEAP_WRONG_TOK_ID;
goto cleanup;
tmpMajor = gssEapEncodeInnerTokens(&tmpMinor, innerOutputTokens,
outputTokenTypes, &unwrappedOutputToken);
if (tmpMajor == GSS_S_COMPLETE) {
+ if (CTX_IS_INITIATOR(ctx))
+ tokType = TOK_TYPE_INITIATOR_CONTEXT;
+ else
+ tokType = TOK_TYPE_ACCEPTOR_CONTEXT;
+
tmpMajor = gssEapMakeToken(&tmpMinor, ctx, &unwrappedOutputToken,
- TOK_TYPE_ESTABLISH_CONTEXT, outputToken);
+ tokType, outputToken);
if (GSS_ERROR(tmpMajor)) {
major = tmpMajor;
*minor = tmpMinor;