krb5_sspi: Only process challenge when present

This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
author: Steve Holme <steve_holme@hotmail.com> 2016-04-03 11:45:02 +0100
committer: Steve Holme <steve_holme@hotmail.com> 2016-04-03 11:45:02 +0100
commit: 61152e7d9433c868a39be2c9e79a21dae60c0f33 (patch)
tree: 2b0b6c81a5acacce0f4a2eb354773a058259558f /lib
parent: 228cd71c6f08d1d85f875284f6a72f796dec13c4 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 4ad5f3ac0..ee80daee0 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -150,9 +150,10 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
 
     memset(krb5->context, 0, sizeof(CtxtHandle));
   }
-  else {
+
+  if(chlg64 && strlen(chlg64)) {
     /* Decode the base-64 encoded challenge message */
-    if(strlen(chlg64) && *chlg64 != '=') {
+    if(*chlg64 != '=') {
       result = Curl_base64_decode(chlg64, &chlg, &chlglen);
       if(result)
         return result;
author	Steve Holme <steve_holme@hotmail.com>	2016-04-03 11:45:02 +0100
committer	Steve Holme <steve_holme@hotmail.com>	2016-04-03 11:45:02 +0100
commit	61152e7d9433c868a39be2c9e79a21dae60c0f33 (patch)
tree	2b0b6c81a5acacce0f4a2eb354773a058259558f /lib
parent	228cd71c6f08d1d85f875284f6a72f796dec13c4 (diff)