}
if (ctx != GSS_C_NO_CONTEXT) {
- OM_uint32 minor;
- gss_buffer_desc contextbuf;
- contextbuf.length = 0;
- contextbuf.value = NULL;
- OM_uint32 major = gss_export_sec_context(&minor, &ctx, &contextbuf);
+ OM_uint32 major, minor;
+ gss_buffer_desc contextbuf = GSS_C_EMPTY_BUFFER;
+
+ major = gss_export_sec_context(&minor, &ctx, &contextbuf);
if (major == GSS_S_COMPLETE) {
- xsecsize_t len=0;
- XMLByte* out=Base64::encode(reinterpret_cast<const XMLByte*>(contextbuf.value), contextbuf.length, &len);
- if (out) {
- string s;
- s.append(reinterpret_cast<char*>(out), len);
- auto_ptr_XMLCh temp(s.c_str());
+ addToken(&contextbuf);
+ } else {
+ Category::getInstance(SHIBRESOLVER_LOGCAT).error("error exporting GSS context");
+ }
+ }
+}
+
+void ShibbolethResolver::addToken(const gss_buffer_t contextbuf)
+{
+ xsecsize_t len=0;
+ XMLByte* out=Base64::encode(reinterpret_cast<const XMLByte*>(contextbuf->value), contextbuf->length, &len);
+ if (out) {
+ string s;
+ s.append(reinterpret_cast<char*>(out), len);
+ auto_ptr_XMLCh temp(s.c_str());
#ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
- XMLString::release(&out);
+ XMLString::release(&out);
#else
- XMLString::release((char**)&out);
+ XMLString::release((char**)&out);
#endif
- static const XMLCh _GSSAPI[] = UNICODE_LITERAL_6(G,S,S,A,P,I);
- m_gsswrapper = new AnyElementImpl(shibspconstants::SHIB2ATTRIBUTEMAP_NS, _GSSAPI);
- m_gsswrapper->setTextContent(temp.get());
- }
- else {
- Category::getInstance(SHIBRESOLVER_LOGCAT).error("error while base64-encoding GSS context");
- }
- }
- else {
- Category::getInstance(SHIBRESOLVER_LOGCAT).error("error exporting GSS context");
- }
+ static const XMLCh _GSSAPI[] = UNICODE_LITERAL_6(G,S,S,A,P,I);
+ m_gsswrapper = new AnyElementImpl(shibspconstants::SHIB2ATTRIBUTEMAP_NS, _GSSAPI);
+ m_gsswrapper->setTextContent(temp.get());
+ }
+ else {
+ Category::getInstance(SHIBRESOLVER_LOGCAT).error("error while base64-encoding GSS context");
}
}
#endif
#ifdef SHIBRESOLVER_HAVE_GSSAPI
/**
* Adds a GSS-API security context as input to the resolver.
- * <p>The caller retains ownership of the context.
+ * <p>The caller releases ownership of the context.
*
* @param ctx an input context to evaluate
*/
void addToken(gss_ctx_id_t ctx);
+
+ /**
+ * Adds a GSS-API exported security context as input to
+ * the resolver.
+ * <p>The caller retains ownership of the buffer.
+ *
+ * @param ctx an input exported security context to evaluate
+ */
+ void addToken(gss_buffer_t token);
#endif
/**