From 73f1096335d468b5be7c3cc99045479c3314f433 Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Sun, 3 Apr 2016 17:02:44 +0100 Subject: krb5: Fixed missing client response when mutual authentication enabled Although mutual authentication is currently turned off and can only be enabled by changing libcurl source code, authentication using Kerberos 5 has been broken since commit 79543caf90 in this use case. --- lib/vauth/krb5_gssapi.c | 5 +++++ lib/vauth/krb5_sspi.c | 5 +++++ 2 files changed, 10 insertions(+) (limited to 'lib/vauth') diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c index 18c6dbb46..888a279c6 100644 --- a/lib/vauth/krb5_gssapi.c +++ b/lib/vauth/krb5_gssapi.c @@ -163,6 +163,11 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data, gss_release_buffer(&unused_status, &output_token); } + else if(mutual_auth) { + *outptr = strdup(""); + if(!*outptr) + result = CURLE_OUT_OF_MEMORY; + } return result; } diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c index ee80daee0..605933197 100644 --- a/lib/vauth/krb5_sspi.c +++ b/lib/vauth/krb5_sspi.c @@ -212,6 +212,11 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data, result = Curl_base64_encode(data, (char *) resp_buf.pvBuffer, resp_buf.cbBuffer, outptr, outlen); } + else if(mutual_auth) { + *outptr = strdup(""); + if(!*outptr) + result = CURLE_OUT_OF_MEMORY; + } /* Free the decoded challenge */ free(chlg); -- cgit v1.2.3