make it possible to build without acceptor
[moonshot.git] / moonshot / mech_eap / util_context.c
index 5c6bbc8..80324bf 100644 (file)
@@ -58,6 +58,7 @@ gssEapAllocContext(OM_uint32 *minor,
     }
 
     ctx->state = GSSEAP_STATE_INITIAL;
+    ctx->mechanismUsed = GSS_C_NO_OID;
 
     /*
      * Integrity, confidentiality, sequencing and replay detection are
@@ -83,6 +84,7 @@ releaseInitiatorContext(struct gss_eap_initiator_ctx *ctx)
     eap_peer_sm_deinit(ctx->eap);
 }
 
+#ifdef GSSEAP_ENABLE_ACCEPTOR
 static void
 releaseAcceptorContext(struct gss_eap_acceptor_ctx *ctx)
 {
@@ -98,6 +100,7 @@ releaseAcceptorContext(struct gss_eap_acceptor_ctx *ctx)
     if (ctx->vps != NULL)
         gssEapRadiusFreeAvps(&tmpMinor, &ctx->vps);
 }
+#endif
 
 OM_uint32
 gssEapReleaseContext(OM_uint32 *minor,
@@ -120,16 +123,19 @@ gssEapReleaseContext(OM_uint32 *minor,
 #endif
     if (CTX_IS_INITIATOR(ctx)) {
         releaseInitiatorContext(&ctx->initiatorCtx);
-    } else {
+    }
+#ifdef GSSEAP_ENABLE_ACCEPTOR
+    else {
         releaseAcceptorContext(&ctx->acceptorCtx);
     }
+#endif
 
     krb5_free_keyblock_contents(krbContext, &ctx->rfc3961Key);
     gssEapReleaseName(&tmpMinor, &ctx->initiatorName);
     gssEapReleaseName(&tmpMinor, &ctx->acceptorName);
     gssEapReleaseOid(&tmpMinor, &ctx->mechanismUsed);
     sequenceFree(&tmpMinor, &ctx->seqState);
-    gssEapReleaseCred(&tmpMinor, &ctx->defaultCred);
+    gssEapReleaseCred(&tmpMinor, &ctx->cred);
 
     GSSEAP_MUTEX_DESTROY(&ctx->mutex);
 
@@ -150,6 +156,8 @@ gssEapMakeToken(OM_uint32 *minor,
 {
     unsigned char *p;
 
+    assert(ctx->mechanismUsed != GSS_C_NO_OID);
+
     outputToken->length = tokenSize(ctx->mechanismUsed, innerToken->length);
     outputToken->value = GSSEAP_MALLOC(outputToken->length);
     if (outputToken->value == NULL) {
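Review bot: The added `assert(ctx->mechanismUsed != GSS_C_NO_OID)` is the only guard before `tokenSize(ctx->mechanismUsed, ...)`, and it compiles away under NDEBUG. This commit also initialises `mechanismUsed` to `GSS_C_NO_OID` in gssEapAllocContext, so in a release build a context that gets here before a mechanism is set would hand a null OID to tokenSize. I would keep the assert and add a runtime check next to it, assuming the function returns a GSS major status like its neighbours: `if (ctx->mechanismUsed == GSS_C_NO_OID) { *minor = <MINOR_CODE>; return GSS_S_FAILURE; }`. The same concern applies in gssEapMakeOrVerifyTokenMIC to `assert(i < 2 + (3 * tokens->buffers.count))`, which is the only bound on the `iov[i]` write after it, and to `assert(tokenMIC->length >= 16)`, which presumably checks a token received from the peer. The signature and the rest of gssEapMakeToken are outside the hunk.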
@@ -235,29 +243,37 @@ gssEapMakeOrVerifyTokenMIC(OM_uint32 *minor,
                            int verifyMIC)
 {
     OM_uint32 major;
-    gss_iov_buffer_desc *iov;
+    gss_iov_buffer_desc *iov = NULL;
     size_t i = 0, j;
     enum gss_eap_token_type tokType;
     OM_uint32 micTokType;
     unsigned char wireTokType[2];
-    unsigned char *innerTokTypes;
+    unsigned char *innerTokTypes = NULL, *innerTokLengths = NULL;
     const struct gss_eap_token_buffer_set *tokens;
 
     tokens = verifyMIC ? ctx->inputTokens : ctx->outputTokens;
 
     assert(tokens != NULL);
 
-    iov = GSSEAP_CALLOC(2 + (2 * tokens->buffers.count) + 1, sizeof(*iov));
+    iov = GSSEAP_CALLOC(2 + (3 * tokens->buffers.count) + 1, sizeof(*iov));
     if (iov == NULL) {
+        major = GSS_S_FAILURE;
         *minor = ENOMEM;
-        return GSS_S_FAILURE;
+        goto cleanup;
     }
 
     innerTokTypes = GSSEAP_MALLOC(4 * tokens->buffers.count);
     if (innerTokTypes == NULL) {
-        GSSEAP_FREE(iov);
         *minor = ENOMEM;
-        return GSS_S_FAILURE;
+        major = GSS_S_FAILURE;
+        goto cleanup;
+    }
+
+    innerTokLengths = GSSEAP_MALLOC(4 * tokens->buffers.count);
+    if (innerTokLengths == NULL) {
+        major = GSS_S_FAILURE;
+        *minor = ENOMEM;
+        goto cleanup;
     }
 
     /* Mechanism OID */
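Review bot: The iov capacity is now written out twice, as `2 + (3 * tokens->buffers.count) + 1` in the GSSEAP_CALLOC call and as `2 + (3 * tokens->buffers.count)` in the later assert, so a future change to the per-token layout has to update both by hand or the bound check stops matching the allocation. Computing it once, for example `size_t iovCount = 2 + (3 * tokens->buffers.count) + 1;`, and deriving both the allocation and the bound from that name keeps them in step. The two `4 * tokens->buffers.count` sizes are unchecked multiplications. If count can be 0, an allocator that returns NULL for a zero-size request would be reported as ENOMEM. A short comment stating the expected range of count, or an explicit check, would settle both; the function continues beyond the hunk.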
@@ -295,6 +311,13 @@ gssEapMakeOrVerifyTokenMIC(OM_uint32 *minor,
         i++;
 
         iov[i].type = GSS_IOV_BUFFER_TYPE_DATA;
+        iov[i].buffer.length = 4;
+        iov[i].buffer.value = &innerTokLengths[j * 4];
+        store_uint32_be(tokens->buffers.elements[j].length,
+                        iov[i].buffer.value);
+        i++;
+
+        iov[i].type = GSS_IOV_BUFFER_TYPE_DATA;
         iov[i].buffer = tokens->buffers.elements[j];
         i++;
     }
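Review bot: `store_uint32_be(tokens->buffers.elements[j].length, ...)` narrows the buffer length to 32 bits without a check, so if the length field is a `size_t`, as in the usual gss_buffer_desc, the value covered by the MIC can differ from the real size of the data slot that follows. A guard before the store, such as `if (tokens->buffers.elements[j].length > 0xFFFFFFFF) { major = GSS_S_FAILURE; goto cleanup; }` with a suitable `*minor`, would keep the framing exact. The new slot also deserves a comment, for example `/* Length-prefix each inner token so the MIC binds token boundaries as well as contents */`, if that is the intent. Because this changes the bytes fed to the MIC, it is worth stating in the commit message, whose title only mentions the acceptor build option. The loop this sits in starts outside the hunk.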
@@ -302,7 +325,7 @@ gssEapMakeOrVerifyTokenMIC(OM_uint32 *minor,
     if (verifyMIC) {
         assert(tokenMIC->length >= 16);
 
-        assert(i < 2 + (2 * tokens->buffers.count));
+        assert(i < 2 + (3 * tokens->buffers.count));
 
         iov[i].type = GSS_IOV_BUFFER_TYPE_HEADER;
         iov[i].buffer.length = 16;
@@ -324,8 +347,13 @@ gssEapMakeOrVerifyTokenMIC(OM_uint32 *minor,
             *tokenMIC = iov[i - 1].buffer;
     }
 
-    gssEapReleaseIov(iov, tokens->buffers.count);
-    GSSEAP_FREE(innerTokTypes);
+cleanup:
+    if (iov != NULL)
+        gssEapReleaseIov(iov, tokens->buffers.count);
+    if (innerTokTypes != NULL)
+        GSSEAP_FREE(innerTokTypes);
+    if (innerTokLengths != NULL)
+        GSSEAP_FREE(innerTokLengths);
 
     return major;
 }
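Review bot: In the new `cleanup:` block, `gssEapReleaseIov(iov, tokens->buffers.count)` receives the token count, although the array was allocated with `2 + (3 * tokens->buffers.count) + 1` entries, so whatever it does per entry reaches only the first `count` slots. Its body is not visible on this page. If it releases allocated buffers, slots past `count` are never visited on a failure path; if it does not free the array itself, `iov` leaks on every call. Please confirm which behaviour is intended and record it in a comment above the call, bearing in mind that on success `*tokenMIC` takes over `iov[i - 1].buffer`, which must therefore not be released here. The `!= NULL` guards are only needed if GSSEAP_FREE does not accept NULL.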