/*-------------*/
static int accept_sec_context (gss_ctx_id_t *context, gss_cred_id_t server_creds,
gss_buffer_desc *ticket_buffer, gss_name_t *client_name,
gss_buffer_desc *authenticator_buff)
{
OM_uint32 major_status = 0, minor_status = 0, ret_flags;
/* Initialize autheticator buffer. */
authenticator_buff->length = 0;
authenticator_buff->value = NULL;
LOG(log_debug, logtype_uams, "accept_context: accepting context (ticketlen: %u)",
ticket_buffer->length);
/*
* Try to accept the secondary context using the tocken in ticket_buffer.
* We don't care about the mechanisms used, nor for the time.
* We don't act as a proxy either.
*/
major_status = gss_accept_sec_context( &minor_status, context,
server_creds, ticket_buffer, GSS_C_NO_CHANNEL_BINDINGS,
client_name, NULL, authenticator_buff,
&ret_flags, NULL, NULL );
if (major_status != GSS_S_COMPLETE) {
log_status( "accept_sec_context", major_status, minor_status );
return 1;
}
log_ctx_flags( ret_flags );
return 0;
}
static int accept_sec_context(gss_ctx_id_t *context,
gss_buffer_desc *ticket_buffer,
gss_name_t *client_name,
gss_buffer_desc *authenticator_buff)
{
OM_uint32 major_status = 0, minor_status = 0, flags = 0;
/* Initialize autheticator buffer. */
authenticator_buff->length = 0;
authenticator_buff->value = NULL;
LOG_LOGINCONT(log_debug,
"accepting context (ticketlen: %u)",
ticket_buffer->length);
/*
* Try to accept the secondary context using the token in ticket_buffer.
* We don't care about the principals or mechanisms used, nor for the time.
* We don't act as a proxy either.
*/
major_status = gss_accept_sec_context(&minor_status,
context,
GSS_C_NO_CREDENTIAL,
ticket_buffer,
GSS_C_NO_CHANNEL_BINDINGS,
client_name,
NULL,
authenticator_buff,
&flags,
NULL,
NULL);
if (major_status != GSS_S_COMPLETE) {
log_status("gss_accept_sec_context", major_status, minor_status);
return 1;
}
log_ctx_flags(flags);
return 0;
}