projects
/
moonshot.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
48a42b8
)
Always request mutual on reauth to even out number of round trips
author
Luke Howard
<lukeh@padl.com>
Wed, 9 Mar 2011 13:39:47 +0000
(
00:39
+1100)
committer
Luke Howard
<lukeh@padl.com>
Wed, 9 Mar 2011 13:39:47 +0000
(
00:39
+1100)
mech_eap/init_sec_context.c
patch
|
blob
|
history
diff --git
a/mech_eap/init_sec_context.c
b/mech_eap/init_sec_context.c
index
a9dadda
..
cef79d1
100644
(file)
--- a/
mech_eap/init_sec_context.c
+++ b/
mech_eap/init_sec_context.c
@@
-459,7
+459,7
@@
eapGssSmInitGssReauth(OM_uint32 *minor,
&ctx->kerberosCtx,
mechTarget,
(gss_OID)gss_mech_krb5,
&ctx->kerberosCtx,
mechTarget,
(gss_OID)gss_mech_krb5,
- reqFlags,
+ reqFlags
| GSS_C_MUTUAL_FLAG
,
timeReq,
chanBindings,
inputToken,
timeReq,
chanBindings,
inputToken,
@@
-473,6
+473,8
@@
eapGssSmInitGssReauth(OM_uint32 *minor,
ctx->gssFlags = gssFlags;
if (major == GSS_S_COMPLETE) {
ctx->gssFlags = gssFlags;
if (major == GSS_S_COMPLETE) {
+ assert(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE);
+
major = gssEapReauthComplete(minor, ctx, cred, actualMech, timeRec);
if (GSS_ERROR(major))
goto cleanup;
major = gssEapReauthComplete(minor, ctx, cred, actualMech, timeRec);
if (GSS_ERROR(major))
goto cleanup;
@@
-735,9
+737,11
@@
eapGssSmInitReauthCreds(OM_uint32 *minor,
{
OM_uint32 major;
{
OM_uint32 major;
- major = gssEapStoreReauthCreds(minor, ctx, cred, inputToken);
- if (GSS_ERROR(major))
- return major;
+ if (ctx->gssFlags & GSS_C_MUTUAL_FLAG) {
+ major = gssEapStoreReauthCreds(minor, ctx, cred, inputToken);
+ if (GSS_ERROR(major))
+ return major;
+ }
*minor = 0;
return GSS_S_CONTINUE_NEEDED;
*minor = 0;
return GSS_S_CONTINUE_NEEDED;