verify desired and actual mech OIDs are equal before trying gss_duplicate_name

git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/saml2@24770 dc483132-0cff-0310-8789-dd5450dbe970
author: Luke Howard <lukeh@padl.com> 2011-04-01 05:51:22 +0000
committer: Luke Howard <lukeh@padl.com> 2011-04-01 05:51:22 +0000
commit: 3e43c9cce8057d6f61e08702138b2b69c6f62ea1 (patch)
tree: c398403040d39c39746f721bdd60c597ff0f3d43
parent: 67937ee206d86be7685f8dde920a4601ceced727 (diff)
download: krb5-3e43c9cce8057d6f61e08702138b2b69c6f62ea1.zip
krb5-3e43c9cce8057d6f61e08702138b2b69c6f62ea1.tar.gz
krb5-3e43c9cce8057d6f61e08702138b2b69c6f62ea1.tar.bz2
1 files changed, 7 insertions, 2 deletions
diff --git a/src/lib/gssapi/mechglue/g_glue.c b/src/lib/gssapi/mechglue/g_glue.c
index f0a5796..092147b 100644
--- a/src/lib/gssapi/mechglue/g_glue.c
+++ b/src/lib/gssapi/mechglue/g_glue.c
@@ -302,8 +302,13 @@ gss_name_t	*internal_name;
     if (mech == NULL)
 	return (GSS_S_BAD_MECH);
 
-    if (mech->gss_duplicate_name != NULL &&
-	union_name->mech_name != GSS_C_NO_NAME) {
+    /*
+     * If we are importing a name for the same mechanism, and the
+     * mechanism implements gss_duplicate_name, then use that.
+     */
+    if (union_name->mech_name != GSS_C_NO_NAME &&
+	g_OID_equal(union_name->mech_type, mech_type) &&
+	mech->gss_duplicate_name != NULL) {
 	status = mech->gss_duplicate_name(minor_status,
 					  union_name->mech_name,
 					  internal_name);
author	Luke Howard <lukeh@padl.com>	2011-04-01 05:51:22 +0000
committer	Luke Howard <lukeh@padl.com>	2011-04-01 05:51:22 +0000
commit	3e43c9cce8057d6f61e08702138b2b69c6f62ea1 (patch)
tree	c398403040d39c39746f721bdd60c597ff0f3d43
parent	67937ee206d86be7685f8dde920a4601ceced727 (diff)
download	krb5-3e43c9cce8057d6f61e08702138b2b69c6f62ea1.zip krb5-3e43c9cce8057d6f61e08702138b2b69c6f62ea1.tar.gz krb5-3e43c9cce8057d6f61e08702138b2b69c6f62ea1.tar.bz2