if (GSS_ERROR(major))
return major;
+ if (ctx->expiryTime < time(NULL)) {
+ *minor = GSSEAP_CRED_EXPIRED;
+ return GSS_S_CREDENTIALS_EXPIRED;
+ }
+
*minor = 0;
return GSS_S_COMPLETE;
}
error_code GSSEAP_BAD_USAGE, "Credential usage type is unknown"
error_code GSSEAP_CRED_USAGE_MISMATCH, "Credential usage does not match requested usage"
error_code GSSEAP_CRED_MECH_MISMATCH, "Credential is not usable with this mechanism"
+error_code GSSEAP_CRED_EXPIRED, "Attributes indicate credentials have expired"
error_code GSSEAP_BAD_CRED_OPTION, "Bad credential option"
error_code GSSEAP_NO_DEFAULT_IDENTITY, "Default credentials identity unavailable"
error_code GSSEAP_NO_DEFAULT_CRED, "Missing default password or other credentials"
-
#
# Wrap/unwrap/PRF errors
#
gss_OID_set *mechanisms)
{
OM_uint32 major;
+ time_t now, lifetime;
if (cred == NULL) {
*minor = EINVAL;
goto cleanup;
}
- if (pLifetime != NULL) {
- time_t now, lifetime;
-
- if (cred->expiryTime == 0) {
- lifetime = GSS_C_INDEFINITE;
- } else {
- now = time(NULL);
- lifetime = now - cred->expiryTime;
- if (lifetime < 0)
- lifetime = 0;
- }
-
- *pLifetime = lifetime;
- }
-
if (cred_usage != NULL) {
OM_uint32 flags = (cred->flags & (CRED_FLAG_INITIATE | CRED_FLAG_ACCEPT));
goto cleanup;
}
+ if (cred->expiryTime == 0) {
+ lifetime = GSS_C_INDEFINITE;
+ } else {
+ now = time(NULL);
+ lifetime = now - cred->expiryTime;
+ if (lifetime < 0)
+ lifetime = 0;
+ }
+
+ if (pLifetime != NULL) {
+ *pLifetime = lifetime;
+ }
+
+ if (lifetime == 0) {
+ major = GSS_S_CREDENTIALS_EXPIRED;
+ *minor = GSSEAP_CRED_EXPIRED;
+ goto cleanup;
+ }
+
major = GSS_S_COMPLETE;
*minor = 0;