diff options
author | Greg Hudson <ghudson@mit.edu> | 2018-09-13 17:03:36 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2018-09-17 10:02:31 -0400 |
commit | 8ea7e36661cfa6d8acb2b1af615870092a408cce (patch) | |
tree | c311af4e26187e959083eb0a429247066cc47341 | |
parent | 4ffb239bfc44396d72ac8c54103367aa4f9bd3e8 (diff) | |
download | krb5-8ea7e36661cfa6d8acb2b1af615870092a408cce.zip krb5-8ea7e36661cfa6d8acb2b1af615870092a408cce.tar.gz krb5-8ea7e36661cfa6d8acb2b1af615870092a408cce.tar.bz2 |
Check mech cred in gss_inquire_cred_by_mech()
If gss_inquire_cred_by_mech() is called with a mechanism and there is
no corresponding mechanism credential in the union cred, return
GSS_S_NO_CRED (as Heimdal does) instead of interrogating the mechanism
about the default credential.
ticket: 8736 (new)
tags: pullup
target_version: 1.16-next
target_version: 1.15-next
-rw-r--r-- | src/lib/gssapi/mechglue/g_inq_cred.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lib/gssapi/mechglue/g_inq_cred.c b/src/lib/gssapi/mechglue/g_inq_cred.c index cbe045a..4ed7774 100644 --- a/src/lib/gssapi/mechglue/g_inq_cred.c +++ b/src/lib/gssapi/mechglue/g_inq_cred.c @@ -197,6 +197,8 @@ gss_inquire_cred_by_mech(minor_status, cred_handle, mech_type, name, union_cred = (gss_union_cred_t) cred_handle; mech_cred = gssint_get_mechanism_cred(union_cred, selected_mech); + if (cred_handle != GSS_C_NO_CREDENTIAL && mech_cred == GSS_C_NO_CREDENTIAL) + return (GSS_S_NO_CRED); public_mech = gssint_get_public_oid(selected_mech); status = mech->gss_inquire_cred_by_mech(minor_status, |