aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2016-04-03 11:45:02 +0100
committerSteve Holme <steve_holme@hotmail.com>2016-04-03 11:45:02 +0100
commit61152e7d9433c868a39be2c9e79a21dae60c0f33 (patch)
tree2b0b6c81a5acacce0f4a2eb354773a058259558f
parent228cd71c6f08d1d85f875284f6a72f796dec13c4 (diff)
krb5_sspi: Only process challenge when present
This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
-rw-r--r--lib/vauth/krb5_sspi.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 4ad5f3ac0..ee80daee0 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -150,9 +150,10 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
memset(krb5->context, 0, sizeof(CtxtHandle));
}
- else {
+
+ if(chlg64 && strlen(chlg64)) {
/* Decode the base-64 encoded challenge message */
- if(strlen(chlg64) && *chlg64 != '=') {
+ if(*chlg64 != '=') {
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
if(result)
return result;