2 * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * Portions Copyright (c) 2004 PADL Software Pty Ltd.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "spnego_locl.h"
38 OM_uint32 name(OM_uint32 *, gss_const_cred_id_t, gssspnego_ctx, \
39 gss_const_name_t, gss_const_OID, \
40 OM_uint32, OM_uint32, const gss_channel_bindings_t, \
41 gss_const_buffer_t, gss_buffer_t, \
42 OM_uint32 *, OM_uint32 *)
44 GSISC(spnego_initial);
46 GSISC(wait_server_mic);
47 GSISC(step_completed);
51 * Is target_name an sane target for `mech´.
55 initiator_approved(OM_uint32 *minor_status,
57 gss_const_name_t target_name,
58 gss_const_cred_id_t cred,
61 OM_uint32 min_stat, maj_stat;
62 gss_ctx_id_t ctx = GSS_C_NO_CONTEXT;
64 struct gssspnego_optimistic_ctx *sel = userptr;
65 gss_OID negotiated_mech_type = GSS_C_NO_OID;
66 OM_uint32 flags = 0, time_rec = 0;
70 maj_stat = gss_init_sec_context(&min_stat,
77 sel->input_chan_bindings,
79 &negotiated_mech_type,
83 if (GSS_ERROR(maj_stat)) {
84 gss_mg_collect_error(mech, maj_stat, min_stat);
85 *minor_status = min_stat;
89 if (gssspi_query_mechanism_info(&min_stat, mech, scheme) == GSS_S_COMPLETE)
92 if (sel->preferred_mech_type == GSS_C_NO_OID) {
93 sel->preferred_mech_type = mech;
94 sel->negotiated_mech_type = negotiated_mech_type;
95 sel->optimistic_token = out;
96 sel->optimistic_flags = flags;
97 sel->optimistic_time_rec = time_rec;
99 if (maj_stat == GSS_S_COMPLETE)
102 memcpy(sel->scheme, scheme, GUID_LENGTH);
104 gss_release_buffer(&min_stat, &out);
105 gss_delete_sec_context(&min_stat, &ctx, NULL);
108 maj_stat = GSS_S_COMPLETE;
111 maj_stat = _gss_negoex_add_auth_mech(minor_status, sel->spnegoctx,
119 * Send a reply. Note that we only need to send a reply if we
120 * need to send a MIC or a mechanism token. Otherwise, we can
121 * return an empty buffer.
123 * The return value of this will be returned to the API, so it
124 * must return GSS_S_CONTINUE_NEEDED if a token was generated.
127 make_reply(OM_uint32 *minor_status,
129 gss_buffer_t mech_token,
130 gss_buffer_t output_token)
133 gss_buffer_desc mic_buf;
134 OM_uint32 ret, minor;
138 memset(&nt, 0, sizeof(nt));
140 nt.element = choice_NegotiationToken_negTokenResp;
142 nt.u.negTokenResp.negState = NULL;
143 nt.u.negTokenResp.supportedMech = NULL;
145 output_token->length = 0;
146 output_token->value = NULL;
148 /* figure out our status */
150 if (ctx->flags.open) {
151 if (ctx->flags.verified_mic == 1 || ctx->flags.require_mic == 0)
152 state = accept_completed;
154 state = accept_incomplete;
156 state = accept_incomplete;
159 if (mech_token->length == 0) {
160 nt.u.negTokenResp.responseToken = NULL;
162 ALLOC(nt.u.negTokenResp.responseToken, 1);
163 if (nt.u.negTokenResp.responseToken == NULL) {
164 free_NegotiationToken(&nt);
165 *minor_status = ENOMEM;
166 return GSS_S_FAILURE;
168 nt.u.negTokenResp.responseToken->length = mech_token->length;
169 nt.u.negTokenResp.responseToken->data = mech_token->value;
170 mech_token->length = 0;
171 mech_token->value = NULL;
175 * XXX should limit when we send the MIC ?
177 if (ctx->flags.open && ctx->flags.sent_mic == 0) {
179 ctx->flags.sent_mic = 1;
181 ret = gss_get_mic(minor_status,
182 ctx->negotiated_ctx_id,
184 &ctx->NegTokenInit_mech_types,
186 if (ret == GSS_S_COMPLETE) {
187 _gss_spnego_ntlm_reset_crypto(&minor, ctx, FALSE);
189 ALLOC(nt.u.negTokenResp.mechListMIC, 1);
190 if (nt.u.negTokenResp.mechListMIC == NULL) {
191 gss_release_buffer(minor_status, &mic_buf);
192 free_NegotiationToken(&nt);
193 *minor_status = ENOMEM;
194 return GSS_S_FAILURE;
197 nt.u.negTokenResp.mechListMIC->length = mic_buf.length;
198 nt.u.negTokenResp.mechListMIC->data = mic_buf.value;
199 /* mic_buf free()d with nt */
200 } else if (ret == GSS_S_UNAVAILABLE) {
201 /* lets hope that its ok to not send te mechListMIC for broken mechs */
202 nt.u.negTokenResp.mechListMIC = NULL;
203 ctx->flags.require_mic = 0;
205 free_NegotiationToken(&nt);
206 *minor_status = ENOMEM;
207 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
209 "SPNEGO failed to sign MIC");
212 nt.u.negTokenResp.mechListMIC = NULL;
215 ALLOC(nt.u.negTokenResp.negState, 1);
216 if (nt.u.negTokenResp.negState == NULL) {
217 free_NegotiationToken(&nt);
218 *minor_status = ENOMEM;
219 return GSS_S_FAILURE;
221 *nt.u.negTokenResp.negState = state;
223 ASN1_MALLOC_ENCODE(NegotiationToken,
224 output_token->value, output_token->length,
226 free_NegotiationToken(&nt);
229 return GSS_S_FAILURE;
232 if (state != accept_completed)
233 return GSS_S_CONTINUE_NEEDED;
235 return GSS_S_COMPLETE;
239 spnego_initial(OM_uint32 * minor_status,
240 gss_const_cred_id_t cred,
242 gss_const_name_t target_name,
243 gss_const_OID mech_type,
246 const gss_channel_bindings_t input_chan_bindings,
247 gss_const_buffer_t input_token,
248 gss_buffer_t output_token,
249 OM_uint32 * ret_flags,
250 OM_uint32 * time_rec)
254 OM_uint32 sub, minor;
255 gss_buffer_desc mech_token;
257 gss_buffer_desc data;
258 struct gssspnego_optimistic_ctx sel;
262 memset(&nt, 0, sizeof(nt));
264 if (target_name == GSS_C_NO_NAME)
265 return GSS_S_BAD_NAME;
267 sub = gss_duplicate_name(&minor, target_name, &ctx->target_name);
268 if (GSS_ERROR(sub)) {
269 *minor_status = minor;
273 nt.element = choice_NegotiationToken_negTokenInit;
275 ctx->flags.local = 1;
277 memset(&sel, 0, sizeof(sel));
280 sel.target_name = ctx->target_name;
281 sel.preferred_mech_type = GSS_C_NO_OID;
282 sel.req_flags = req_flags;
283 sel.time_req = time_req;
284 sel.input_chan_bindings = (gss_channel_bindings_t)input_chan_bindings;
286 sub = _gss_spnego_indicate_mechtypelist(&minor,
293 &nt.u.negTokenInit.mechTypes,
294 &ctx->preferred_mech_type);
295 if (GSS_ERROR(sub)) {
296 *minor_status = minor;
300 _gss_spnego_log_mechTypes(&nt.u.negTokenInit.mechTypes);
302 nt.u.negTokenInit.reqFlags = NULL;
304 if (gss_oid_equal(ctx->preferred_mech_type, GSS_NEGOEX_MECHANISM)) {
305 struct negoex_auth_mech *mech;
307 sub = _gss_negoex_init(&minor,
316 if (GSS_ERROR(sub)) {
317 free_NegotiationToken(&nt);
318 return gss_mg_set_error_string(GSS_C_NO_OID, sub, minor,
319 "NegoEx could not generate a context token");
321 mech = _gss_negoex_negotiated_mech(ctx);
322 ctx->flags.maybe_open = mech && mech->complete;
323 gss_release_buffer(&minor, &sel.optimistic_token);
325 /* optimistic token from selection context */
326 mech_token = sel.optimistic_token;
327 ctx->mech_flags = sel.optimistic_flags;
328 ctx->mech_time_rec = sel.optimistic_time_rec;
329 ctx->negotiated_mech_type = sel.negotiated_mech_type;
330 ctx->negotiated_ctx_id = sel.gssctx;
331 ctx->flags.maybe_open = sel.complete;
334 if (ctx->preferred_mech_type == GSS_C_NO_OID) {
335 free_NegotiationToken(&nt);
337 return gss_mg_set_error_string(GSS_C_NO_OID, GSS_S_NO_CONTEXT, 0,
338 "SPNEGO could not find a preferred mechanism");
342 if (mech_token.length != 0) {
343 ALLOC(nt.u.negTokenInit.mechToken, 1);
344 if (nt.u.negTokenInit.mechToken == NULL) {
345 free_NegotiationToken(&nt);
346 gss_release_buffer(&minor, &mech_token);
347 *minor_status = ENOMEM;
348 return GSS_S_FAILURE;
350 nt.u.negTokenInit.mechToken->length = mech_token.length;
351 nt.u.negTokenInit.mechToken->data = malloc(mech_token.length);
352 if (nt.u.negTokenInit.mechToken->data == NULL && mech_token.length != 0) {
353 free_NegotiationToken(&nt);
354 gss_release_buffer(&minor, &mech_token);
355 *minor_status = ENOMEM;
356 return GSS_S_FAILURE;
358 memcpy(nt.u.negTokenInit.mechToken->data, mech_token.value, mech_token.length);
359 gss_release_buffer(&minor, &mech_token);
361 nt.u.negTokenInit.mechToken = NULL;
363 nt.u.negTokenInit.mechListMIC = NULL;
368 mt.len = nt.u.negTokenInit.mechTypes.len;
369 mt.val = nt.u.negTokenInit.mechTypes.val;
371 ASN1_MALLOC_ENCODE(MechTypeList,
372 ctx->NegTokenInit_mech_types.value,
373 ctx->NegTokenInit_mech_types.length,
377 free_NegotiationToken(&nt);
378 return GSS_S_FAILURE;
382 ASN1_MALLOC_ENCODE(NegotiationToken, data.value, data.length, &nt, &size, ret);
383 free_NegotiationToken(&nt);
385 return GSS_S_FAILURE;
387 if (data.length != size)
390 sub = gss_encapsulate_token(&data,
391 GSS_SPNEGO_MECHANISM,
400 *ret_flags = ctx->mech_flags;
402 *time_rec = ctx->mech_time_rec;
404 ctx->initiator_state = spnego_reply;
406 return GSS_S_CONTINUE_NEEDED;
414 spnego_reply(OM_uint32 * minor_status,
415 gss_const_cred_id_t cred,
417 gss_const_name_t target_name,
418 gss_const_OID mech_type,
421 const gss_channel_bindings_t input_chan_bindings,
422 gss_const_buffer_t input_token,
423 gss_buffer_t output_token,
424 OM_uint32 * ret_flags,
425 OM_uint32 * time_rec)
427 OM_uint32 ret, minor;
428 NegotiationToken resp;
429 gss_buffer_desc mech_output_token;
430 NegStateEnum negState;
434 output_token->length = 0;
435 output_token->value = NULL;
437 mech_output_token.length = 0;
438 mech_output_token.value = NULL;
440 ret = decode_NegotiationToken(input_token->value, input_token->length,
445 /* The SPNEGO token must be a negTokenResp */
446 if (resp.element != choice_NegotiationToken_negTokenResp) {
447 free_NegotiationToken(&resp);
449 return GSS_S_BAD_MECH;
453 * When negState is absent, the actual state should be inferred from
454 * the state of the negotiated mechanism context. (RFC 4178 4.2.2.)
456 if (resp.u.negTokenResp.negState != NULL)
457 negState = *resp.u.negTokenResp.negState;
459 negState = accept_incomplete;
462 * Pick up the mechanism that the acceptor selected, only pick up
463 * the first selection.
466 if (ctx->selected_mech_type == GSS_C_NO_OID && resp.u.negTokenResp.supportedMech) {
470 ctx->flags.seen_supported_mech = 1;
472 oid.length = (OM_uint32)der_length_oid(resp.u.negTokenResp.supportedMech);
473 oid.elements = malloc(oid.length);
474 if (oid.elements == NULL) {
475 free_NegotiationToken(&resp);
476 return GSS_S_BAD_MECH;
478 ret = der_put_oid(((uint8_t *)oid.elements) + oid.length - 1,
480 resp.u.negTokenResp.supportedMech,
482 if (ret || len != oid.length) {
484 free_NegotiationToken(&resp);
485 return GSS_S_BAD_MECH;
488 if (gss_oid_equal(GSS_SPNEGO_MECHANISM, &oid)) {
490 free_NegotiationToken(&resp);
491 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
492 GSS_S_BAD_MECH, (*minor_status = EINVAL),
493 "SPNEGO acceptor picked SPNEGO??");
496 /* check if the acceptor took our optimistic token */
497 if (gss_oid_equal(ctx->preferred_mech_type, &oid)) {
498 ctx->selected_mech_type = ctx->preferred_mech_type;
499 } else if (gss_oid_equal(ctx->preferred_mech_type, GSS_KRB5_MECHANISM) &&
500 gss_oid_equal(&oid, &_gss_spnego_mskrb_mechanism_oid_desc)) {
501 /* mis-encoded asn1 type from msft servers */
502 ctx->selected_mech_type = ctx->preferred_mech_type;
504 /* nope, lets start over */
505 gss_delete_sec_context(&minor, &ctx->negotiated_ctx_id,
507 ctx->negotiated_ctx_id = GSS_C_NO_CONTEXT;
509 if (gss_oid_equal(&oid, GSS_NEGOEX_MECHANISM))
510 ctx->selected_mech_type = GSS_NEGOEX_MECHANISM;
512 ctx->selected_mech_type = _gss_mg_support_mechanism(&oid);
514 /* XXX check that server pick a mechanism we proposed */
515 if (ctx->selected_mech_type == GSS_C_NO_OID) {
517 free_NegotiationToken(&resp);
518 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
519 GSS_S_BAD_MECH, (*minor_status = EINVAL),
520 "SPNEGO acceptor sent unsupported supportedMech");
524 _gss_spnego_log_mech("initiator selected mechanism", ctx->selected_mech_type);
528 } else if (ctx->selected_mech_type == NULL) {
529 free_NegotiationToken(&resp);
530 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
531 GSS_S_BAD_MECH, (*minor_status = EINVAL),
532 "SPNEGO acceptor didn't send supportedMech");
535 /* if a token (of non zero length) pass to underlaying mech */
536 if ((resp.u.negTokenResp.responseToken != NULL && resp.u.negTokenResp.responseToken->length) ||
537 ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) {
538 gss_buffer_desc mech_input_token;
540 if (resp.u.negTokenResp.responseToken) {
541 mech_input_token.length = resp.u.negTokenResp.responseToken->length;
542 mech_input_token.value = resp.u.negTokenResp.responseToken->data;
544 mech_input_token.length = 0;
545 mech_input_token.value = NULL;
548 /* Fall through as if the negotiated mechanism
549 was requested explicitly */
550 if (gss_oid_equal(ctx->selected_mech_type, GSS_NEGOEX_MECHANISM)) {
551 ret = _gss_negoex_init(&minor,
552 NULL, /* no optimistic token */
561 ret = gss_init_sec_context(&minor,
563 &ctx->negotiated_ctx_id,
565 ctx->selected_mech_type,
570 &ctx->negotiated_mech_type,
573 &ctx->mech_time_rec);
574 if (GSS_ERROR(ret)) {
575 gss_mg_collect_error(ctx->selected_mech_type, ret, minor);
579 * If the acceptor rejected, we're out even if the inner context is
580 * now complete. Note that the rejection is not integrity-protected.
582 if (negState == reject)
583 ret = GSS_S_BAD_MECH;
584 if (GSS_ERROR(ret)) {
585 free_NegotiationToken(&resp);
586 *minor_status = minor;
589 if (ret == GSS_S_COMPLETE) {
592 } else if (negState == reject) {
593 free_NegotiationToken(&resp);
594 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
595 GSS_S_BAD_MECH, (*minor_status = EPERM),
596 "SPNEGO acceptor rejected initiator token");
597 } else if (negState == accept_completed) {
599 * Note that the accept_completed isn't integrity-protected, but
600 * ctx->maybe_open can only be true if the inner context is fully
603 if (ctx->flags.maybe_open)
606 if (!ctx->flags.open) {
607 free_NegotiationToken(&resp);
608 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
609 GSS_S_BAD_MECH, (*minor_status = EINVAL),
610 "SPNEGO acceptor sent acceptor complete, "
611 "but we are not complete yet");
615 if (negState == request_mic) {
616 ctx->flags.peer_require_mic = 1;
619 if (ctx->flags.open && ctx->flags.verified_mic == 0) {
621 ctx->flags.require_mic = 1; /* default is to require a MIC */
622 ctx->flags.safe_omit = _gss_spnego_safe_omit_mechlist_mic(ctx);
625 * If the peer sent mechListMIC, require it to verify ...
627 if (resp.u.negTokenResp.mechListMIC) {
628 heim_octet_string *m = resp.u.negTokenResp.mechListMIC;
630 /* ...unless its a windows 2000 server that sends the
631 * responseToken inside the mechListMIC too. We only
632 * accept this condition if would have been safe to omit
635 if (ctx->flags.safe_omit
636 && resp.u.negTokenResp.responseToken
637 && der_heim_octet_string_cmp(m, resp.u.negTokenResp.responseToken) == 0)
639 ctx->flags.require_mic = 0;
644 ctx->flags.require_mic = 0;
648 * If we are supposed to check mic and have it, force checking now.
651 if (ctx->flags.require_mic && resp.u.negTokenResp.mechListMIC) {
653 ret = _gss_spnego_verify_mechtypes_mic(minor_status, ctx,
654 resp.u.negTokenResp.mechListMIC);
656 free_NegotiationToken(&resp);
662 * Now that underlaying mech is open (conncted), we can figure out
663 * what nexd step to go to.
666 if (ctx->flags.open) {
668 if (negState == accept_completed && ctx->flags.safe_omit) {
669 ctx->initiator_state = step_completed;
670 ret = GSS_S_COMPLETE;
671 } else if (ctx->flags.require_mic != 0 && ctx->flags.verified_mic == 0) {
672 ctx->initiator_state = wait_server_mic;
673 ret = GSS_S_CONTINUE_NEEDED;
675 ctx->initiator_state = step_completed;
676 ret = GSS_S_COMPLETE;
680 if (negState != accept_completed ||
681 ctx->initiator_state != step_completed ||
682 mech_output_token.length)
685 ret2 = make_reply(minor_status, ctx,
692 free_NegotiationToken(&resp);
694 gss_release_buffer(&minor, &mech_output_token);
697 *ret_flags = ctx->mech_flags;
699 *time_rec = ctx->mech_time_rec;
705 wait_server_mic(OM_uint32 * minor_status,
706 gss_const_cred_id_t cred,
708 gss_const_name_t target_name,
709 gss_const_OID mech_type,
712 const gss_channel_bindings_t input_chan_bindings,
713 gss_const_buffer_t input_token,
714 gss_buffer_t output_token,
715 OM_uint32 * ret_flags,
716 OM_uint32 * time_rec)
718 OM_uint32 major_status;
719 NegotiationToken resp;
722 ret = decode_NegotiationToken(input_token->value, input_token->length, &resp, NULL);
724 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
726 "Failed to decode NegotiationToken");
728 if (resp.element != choice_NegotiationToken_negTokenResp
729 || resp.u.negTokenResp.negState == NULL
730 || *resp.u.negTokenResp.negState != accept_completed)
732 free_NegotiationToken(&resp);
733 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
734 GSS_S_BAD_MECH, (*minor_status = EINVAL),
735 "NegToken not accept_completed");
738 if (resp.u.negTokenResp.mechListMIC) {
739 major_status = _gss_spnego_verify_mechtypes_mic(minor_status, ctx,
740 resp.u.negTokenResp.mechListMIC);
741 } else if (ctx->flags.safe_omit == 0) {
742 free_NegotiationToken(&resp);
743 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
744 GSS_S_BAD_MECH, (*minor_status = EINVAL),
745 "Waiting for MIC, but its missing in server request");
747 major_status = GSS_S_COMPLETE;
750 free_NegotiationToken(&resp);
751 if (major_status != GSS_S_COMPLETE)
754 ctx->flags.verified_mic = 1;
755 ctx->initiator_state = step_completed;
758 *ret_flags = ctx->mech_flags;
760 *time_rec = ctx->mech_time_rec;
763 return GSS_S_COMPLETE;
767 step_completed(OM_uint32 * minor_status,
768 gss_const_cred_id_t cred,
770 gss_const_name_t name,
771 gss_const_OID mech_type,
774 const gss_channel_bindings_t input_chan_bindings,
775 gss_const_buffer_t input_token,
776 gss_buffer_t output_token,
777 OM_uint32 * ret_flags,
778 OM_uint32 * time_rec)
780 return gss_mg_set_error_string(GSS_SPNEGO_MECHANISM,
781 GSS_S_BAD_STATUS, (*minor_status = EINVAL),
782 "SPNEGO called got ISC call one too many");
785 OM_uint32 GSSAPI_CALLCONV
786 _gss_spnego_init_sec_context(OM_uint32 * minor_status,
787 gss_const_cred_id_t initiator_cred_handle,
788 gss_ctx_id_t * context_handle,
789 gss_const_name_t target_name,
790 const gss_OID mech_type,
793 const gss_channel_bindings_t input_chan_bindings,
794 const gss_buffer_t input_token,
795 gss_OID * actual_mech_type,
796 gss_buffer_t output_token,
797 OM_uint32 * ret_flags,
798 OM_uint32 * time_rec)
803 if (*context_handle == GSS_C_NO_CONTEXT) {
804 ret = _gss_spnego_alloc_sec_context(minor_status, context_handle);
808 ctx = (gssspnego_ctx)*context_handle;
810 ctx->initiator_state = spnego_initial;
812 ctx = (gssspnego_ctx)*context_handle;
816 HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
819 ret = ctx->initiator_state(minor_status, initiator_cred_handle, ctx, target_name,
820 mech_type, req_flags, time_req, input_chan_bindings, input_token,
821 output_token, ret_flags, time_rec);
823 } while (ret == GSS_S_COMPLETE &&
824 ctx->initiator_state != step_completed &&
825 output_token->length == 0);
827 /* destroy context in case of error */
828 if (GSS_ERROR(ret)) {
830 _gss_spnego_internal_delete_sec_context(&junk, context_handle, GSS_C_NO_BUFFER);
833 HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
835 if (actual_mech_type)
836 *actual_mech_type = ctx->negotiated_mech_type;