From d4f5c19c1dd4664b7f43aa4e60c820ee37f2f1e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Thu, 11 Dec 2008 04:50:22 +0000 Subject: [PATCH] make IS_CFX a more_flag git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24057 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/gssapi/krb5/accept_sec_context.c | 14 +++++++------- lib/gssapi/krb5/gsskrb5_locl.h | 3 ++- lib/gssapi/krb5/init_sec_context.c | 6 ++++-- lib/gssapi/krb5/inquire_sec_context_by_oid.c | 4 ++-- 4 files changed, 15 insertions(+), 12 deletions(-) diff --git a/lib/gssapi/krb5/accept_sec_context.c b/lib/gssapi/krb5/accept_sec_context.c index 626afa938..9459a3209 100644 --- a/lib/gssapi/krb5/accept_sec_context.c +++ b/lib/gssapi/krb5/accept_sec_context.c @@ -74,12 +74,9 @@ _gsskrb5_register_acceptor_identity (const char *identity) } void -_gsskrb5i_is_cfx(gsskrb5_ctx ctx, int *is_cfx) +_gsskrb5i_is_cfx(gsskrb5_ctx ctx, int acceptor) { krb5_keyblock *key; - int acceptor = (ctx->more_flags & LOCAL) == 0; - - *is_cfx = 0; if (acceptor) { if (ctx->auth_context->local_subkey) @@ -108,7 +105,8 @@ _gsskrb5i_is_cfx(gsskrb5_ctx ctx, int *is_cfx) case ETYPE_ARCFOUR_HMAC_MD5_56: break; default : - *is_cfx = 1; + ctx->more_flags |= IS_CFX; + if ((acceptor && ctx->auth_context->local_subkey) || (!acceptor && ctx->auth_context->remote_subkey)) ctx->more_flags |= ACCEPTOR_SUBKEY; @@ -210,7 +208,8 @@ gsskrb5_acceptor_ready(OM_uint32 * minor_status, ctx->auth_context, &seq_number); - _gsskrb5i_is_cfx(ctx, &is_cfx); + _gsskrb5i_is_cfx(ctx, 1); + is_cfx = (ctx->more_flags & IS_CFX); ret = _gssapi_msg_order_create(minor_status, &ctx->order, @@ -526,7 +525,8 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, krb5_data outbuf; int use_subkey = 0; - _gsskrb5i_is_cfx(ctx, &is_cfx); + _gsskrb5i_is_cfx(ctx, 1); + is_cfx = (ctx->more_flags & IS_CFX); if (is_cfx || (ap_options & AP_OPTS_USE_SUBKEY)) { use_subkey = 1; diff --git a/lib/gssapi/krb5/gsskrb5_locl.h b/lib/gssapi/krb5/gsskrb5_locl.h index 6db842395..a9ce231bd 100644 --- a/lib/gssapi/krb5/gsskrb5_locl.h +++ b/lib/gssapi/krb5/gsskrb5_locl.h @@ -64,7 +64,8 @@ typedef struct { COMPAT_OLD_DES3_SELECTED = 8, ACCEPTOR_SUBKEY = 16, RETRIED = 32, - CLOSE_CCACHE = 64 + CLOSE_CCACHE = 64, + IS_CFX = 128 } more_flags; enum gss_ctx_id_t_state { /* initiator states */ diff --git a/lib/gssapi/krb5/init_sec_context.c b/lib/gssapi/krb5/init_sec_context.c index dfa0e935e..d71582c3a 100644 --- a/lib/gssapi/krb5/init_sec_context.c +++ b/lib/gssapi/krb5/init_sec_context.c @@ -257,7 +257,8 @@ gsskrb5_initiator_ready( krb5_auth_getremoteseqnumber (context, ctx->auth_context, &seq_number); - _gsskrb5i_is_cfx(ctx, &is_cfx); + _gsskrb5i_is_cfx(ctx, 0); + is_cfx = (ctx->more_flags & IS_CFX); ret = _gssapi_msg_order_create(minor_status, &ctx->order, @@ -759,7 +760,8 @@ repl_mutual krb5_free_ap_rep_enc_part (context, repl); - _gsskrb5i_is_cfx(ctx, &is_cfx); + _gsskrb5i_is_cfx(ctx, 0); + is_cfx = (ctx->more_flags & IS_CFX); if (is_cfx) { krb5_keyblock *key = NULL; diff --git a/lib/gssapi/krb5/inquire_sec_context_by_oid.c b/lib/gssapi/krb5/inquire_sec_context_by_oid.c index 8d4070629..395eda393 100644 --- a/lib/gssapi/krb5/inquire_sec_context_by_oid.c +++ b/lib/gssapi/krb5/inquire_sec_context_by_oid.c @@ -242,7 +242,7 @@ static OM_uint32 inquire_sec_context_has_updated_spnego * mechanism. */ HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - _gsskrb5i_is_cfx(context_handle, &is_updated); + is_updated = (context_handle->more_flags & IS_CFX); if (is_updated == 0) { krb5_keyblock *acceptor_subkey; @@ -282,7 +282,7 @@ export_lucid_sec_context_v1(OM_uint32 *minor_status, HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - _gsskrb5i_is_cfx(context_handle, &is_cfx); + is_cfx = (context_handle->more_flags & IS_CFX); sp = krb5_storage_emem(); if (sp == NULL) {