* SUCH DAMAGES.
*/
-#include "config.h"
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif /* HAVE_CONFIG_H */
#ifdef HAVE_LUCID_CONTEXT_SUPPORT
#include <stdio.h>
#include <syslog.h>
#include <string.h>
+
+#include <gssapi/gssapi_krb5.h>
+
#include "gss_util.h"
#include "gss_oids.h"
#include "err_util.h"
#include "context.h"
-#include <krb5.h>
-#include <gssapi/gssapi.h>
#ifndef OM_uint64
typedef uint64_t OM_uint64;
#endif
-#include <gssapi/gssapi_krb5.h>
static int
write_lucid_keyblock(char **p, char *end, gss_krb5_lucid_key_t *key)
static int
prepare_krb5_rfc1964_buffer(gss_krb5_lucid_context_v1_t *lctx,
- gss_buffer_desc *buf)
+ gss_buffer_desc *buf, int32_t *endtime)
{
+#define FAKESEED_SIZE 16
char *p, *end;
static int constant_zero = 0;
- unsigned char fakeseed[16];
+ unsigned char fakeseed[FAKESEED_SIZE];
uint32_t word_send_seq;
gss_krb5_lucid_key_t enc_key;
int i;
*/
memset(&enc_key, 0, sizeof(enc_key));
memset(&fakeoid, 0, sizeof(fakeoid));
+ memset(fakeseed, 0, FAKESEED_SIZE);
if (!(buf->value = calloc(1, MAX_CTX_LEN)))
goto out_err;
/* seed_init and seed not used by kernel anyway */
if (WRITE_BYTES(&p, end, constant_zero)) goto out_err;
- if (write_bytes(&p, end, &fakeseed, 16)) goto out_err;
+ if (write_bytes(&p, end, &fakeseed, FAKESEED_SIZE)) goto out_err;
if (WRITE_BYTES(&p, end, lctx->rfc1964_kd.sign_alg)) goto out_err;
if (WRITE_BYTES(&p, end, lctx->rfc1964_kd.seal_alg)) goto out_err;
if (WRITE_BYTES(&p, end, lctx->endtime)) goto out_err;
+ if (endtime)
+ *endtime = lctx->endtime;
word_send_seq = lctx->send_seq; /* XXX send_seq is 64-bit */
if (WRITE_BYTES(&p, end, word_send_seq)) goto out_err;
if (write_oid(&p, end, &krb5oid)) goto out_err;
static int
prepare_krb5_rfc_cfx_buffer(gss_krb5_lucid_context_v1_t *lctx,
- gss_buffer_desc *buf)
+ gss_buffer_desc *buf, int32_t *endtime)
{
printerr(0, "ERROR: prepare_krb5_rfc_cfx_buffer: not implemented\n");
return -1;
int
-serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf)
+serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf, int32_t *endtime)
{
OM_uint32 maj_stat, min_stat;
void *return_ctx = 0;
/* Now lctx points to a lucid context that we can send down to kernel */
if (lctx->protocol == 0)
- retcode = prepare_krb5_rfc1964_buffer(lctx, buf);
+ retcode = prepare_krb5_rfc1964_buffer(lctx, buf, endtime);
else
- retcode = prepare_krb5_rfc_cfx_buffer(lctx, buf);
+ retcode = prepare_krb5_rfc_cfx_buffer(lctx, buf, endtime);
maj_stat = gss_free_lucid_sec_context(&min_stat, ctx, return_ctx);
if (maj_stat != GSS_S_COMPLETE) {