aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2016-04-03 17:17:20 +0100
committerSteve Holme <steve_holme@hotmail.com>2016-04-03 17:17:20 +0100
commit156b8287a7d68569d6a43240fd7ed6b7380193b5 (patch)
treed98a266e5c20efc006772b299a4aaae6d954fd1c
parent73f1096335d468b5be7c3cc99045479c3314f433 (diff)
krb5_gssapi: Only process challenge when present
This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
-rw-r--r--lib/vauth/krb5_gssapi.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index 888a279c6..0e0db5bc4 100644
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -113,9 +113,9 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
free(spn);
}
- if(krb5->context != GSS_C_NO_CONTEXT) {
+ if(chlg64 && strlen(chlg64)) {
/* Decode the base-64 encoded challenge message */
- if(strlen(chlg64) && *chlg64 != '=') {
+ if(*chlg64 != '=') {
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
if(result)
return result;