2 files changed, 50 insertions, 3 deletions

diff --git a/proxy/src/mechglue/gpp_context.c b/proxy/src/mechglue/gpp_context.c
index fb84c59..6be68a2 100644
--- a/proxy/src/mechglue/gpp_context.c
+++ b/proxy/src/mechglue/gpp_context.c
@@ -63,11 +63,53 @@ OM_uint32 gssi_import_sec_context(OM_uint32 *minor_status,
                                   gss_buffer_t interprocess_token,
                                   gss_ctx_id_t *context_handle)
 {
+    return GSS_S_UNAVAILABLE;
+}
+
+OM_uint32 gssi_import_sec_context_for_mech(OM_uint32 *minor_status,
+                                           gss_OID mech_type,
+                                           gss_buffer_t interprocess_token,
+                                           gss_ctx_id_t *context_handle)
+{
     struct gpp_context_handle *ctx;
+    gss_buffer_desc wrap_token = {0};
+    gss_OID spmech;
+    OM_uint32 maj, min = 0;
 
-    /* FIXME: how do we know which mechanism we did interpose ? */
-    /* We need a new call that passes down the mech oid */
-    return GSS_S_UNAVAILABLE;
+    ctx = calloc(1, sizeof(struct gpp_context_handle));
+    if (!ctx) {
+        *minor_status = 0;
+        return GSS_S_FAILURE;
+    }
+
+    /* NOTE: it makes no sense to import a context remotely atm,
+     * so we only handle the local case for now. */
+    spmech = gpp_special_mech(mech_type);
+    if (spmech == GSS_C_NO_OID) {
+        maj = GSS_S_FAILURE;
+        goto done;
+    }
+
+    wrap_token.value = malloc(sizeof(uint32_t) + spmech->length +
+                              interprocess_token->length);
+    if (!wrap_token.value) {
+        maj = GSS_S_FAILURE;
+        goto done;
+    }
+    wrap_token.length = sizeof(uint32_t) + spmech->length +
+                        interprocess_token->length;
+
+    maj = gss_import_sec_context(&min, &wrap_token, &ctx->local);
+
+done:
+    *minor_status = gpp_map_error(min);
+    if (maj == GSS_S_COMPLETE) {
+        *context_handle = (gss_ctx_id_t)ctx;
+    } else {
+        free(ctx);
+    }
+    (void)gss_release_buffer(&min, &wrap_token);
+    return maj;
 }
 
 OM_uint32 gssi_process_context_token(OM_uint32 *minor_status,
diff --git a/proxy/src/mechglue/gss_plugin.h b/proxy/src/mechglue/gss_plugin.h
index defcb2d..342a8bd 100644
--- a/proxy/src/mechglue/gss_plugin.h
+++ b/proxy/src/mechglue/gss_plugin.h
@@ -128,6 +128,11 @@ OM_uint32 gssi_import_sec_context(OM_uint32 *minor_status,
                                   gss_buffer_t interprocess_token,
                                   gss_ctx_id_t *context_handle);
 
+OM_uint32 gssi_import_sec_context_for_mech(OM_uint32 *minor_status,
+                                           gss_OID mech_type,
+                                           gss_buffer_t interprocess_token,
+                                           gss_ctx_id_t *context_handle);
+
 OM_uint32 gssi_process_context_token(OM_uint32 *minor_status,
                                      gss_ctx_id_t context_handle,
                                      gss_buffer_t token_buffer);