Check mech cred in gss_inquire_cred_by_mech()

If gss_inquire_cred_by_mech() is called with a mechanism and there is no corresponding mechanism credential in the union cred, return GSS_S_NO_CRED (as Heimdal does) instead of interrogating the mechanism about the default credential. (cherry picked from commit 8ea7e36661cfa6d8acb2b1af615870092a408cce) ticket: 8736 version_fixed: 1.15.4
author: Greg Hudson <ghudson@mit.edu> 2018-09-13 17:03:36 -0400
committer: Greg Hudson <ghudson@mit.edu> 2018-10-29 18:12:22 -0400
commit: f8114777c8a57fd7576b4f9e345fc7f93b90fbb6 (patch)
tree: b8cdc4131d1f3771b3add9c6cf83a7369ab7d57a
parent: d6ce2d8273bf4b2a51de882866e42d33d1f568ca (diff)
download: krb5-f8114777c8a57fd7576b4f9e345fc7f93b90fbb6.zip
krb5-f8114777c8a57fd7576b4f9e345fc7f93b90fbb6.tar.gz
krb5-f8114777c8a57fd7576b4f9e345fc7f93b90fbb6.tar.bz2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lib/gssapi/mechglue/g_inq_cred.c b/src/lib/gssapi/mechglue/g_inq_cred.c
index 9111962..5025bf1 100644
--- a/src/lib/gssapi/mechglue/g_inq_cred.c
+++ b/src/lib/gssapi/mechglue/g_inq_cred.c
@@ -197,6 +197,8 @@ gss_inquire_cred_by_mech(minor_status, cred_handle, mech_type, name,
 
     union_cred = (gss_union_cred_t) cred_handle;
     mech_cred = gssint_get_mechanism_cred(union_cred, selected_mech);
+    if (cred_handle != GSS_C_NO_CREDENTIAL && mech_cred == GSS_C_NO_CREDENTIAL)
+	return (GSS_S_NO_CRED);
 
 #if 0
     if (mech_cred == NULL)
author	Greg Hudson <ghudson@mit.edu>	2018-09-13 17:03:36 -0400
committer	Greg Hudson <ghudson@mit.edu>	2018-10-29 18:12:22 -0400
commit	f8114777c8a57fd7576b4f9e345fc7f93b90fbb6 (patch)
tree	b8cdc4131d1f3771b3add9c6cf83a7369ab7d57a
parent	d6ce2d8273bf4b2a51de882866e42d33d1f568ca (diff)
download	krb5-f8114777c8a57fd7576b4f9e345fc7f93b90fbb6.zip krb5-f8114777c8a57fd7576b4f9e345fc7f93b90fbb6.tar.gz krb5-f8114777c8a57fd7576b4f9e345fc7f93b90fbb6.tar.bz2