krb5_sspi: Only generate the output token when its not allocated

Prior to this change, we were generating the output token when the credentials were NULL rather than when the output token was NULL. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
author: Steve Holme <steve_holme@hotmail.com> 2016-04-03 11:25:12 +0100
committer: Steve Holme <steve_holme@hotmail.com> 2016-04-03 11:25:12 +0100
commit: 228cd71c6f08d1d85f875284f6a72f796dec13c4 (patch)
tree: 3d19c953580b666d326aaecce8e8599447ad5fa8
parent: 2d2c67e3ed30e7d9850447826b2cc968f28ae681 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index da08f8f03..4ad5f3ac0 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -92,7 +92,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
       return CURLE_OUT_OF_MEMORY;
   }
 
-  if(!krb5->credentials) {
+  if(!krb5->output_token) {
     /* Query the security package for Kerberos */
     status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *)
                                                 TEXT(SP_NAME_KERBEROS),
@@ -110,7 +110,9 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
     krb5->output_token = malloc(krb5->token_max);
     if(!krb5->output_token)
       return CURLE_OUT_OF_MEMORY;
+  }
 
+  if(!krb5->credentials) {
     if(userp && *userp) {
       /* Populate our identity structure */
       result = Curl_create_sspi_identity(userp, passwdp, &krb5->identity);
author	Steve Holme <steve_holme@hotmail.com>	2016-04-03 11:25:12 +0100
committer	Steve Holme <steve_holme@hotmail.com>	2016-04-03 11:25:12 +0100
commit	228cd71c6f08d1d85f875284f6a72f796dec13c4 (patch)
tree	3d19c953580b666d326aaecce8e8599447ad5fa8
parent	2d2c67e3ed30e7d9850447826b2cc968f28ae681 (diff)