gss_OID
gssEapPrimaryMechForCred(gss_cred_id_t cred)
{
- gss_OID nameMech = GSS_C_NO_OID;
+ gss_OID credMech = GSS_C_NO_OID;
- if (cred->mechanisms != GSS_C_NO_OID_SET &&
+ if (cred != GSS_C_NO_CREDENTIAL &&
+ cred->mechanisms != GSS_C_NO_OID_SET &&
cred->mechanisms->count == 1)
- nameMech = &cred->mechanisms->elements[0];
+ credMech = &cred->mechanisms->elements[0];
- return nameMech;
+ return credMech;
}
OM_uint32
GSSEAP_MUTEX_UNLOCK(&desiredName->mutex);
}
+#ifdef GSSEAP_ENABLE_ACCEPTOR
if (cred->flags & CRED_FLAG_ACCEPT) {
struct rs_context *radContext;
rs_context_destroy(radContext);
}
+#endif
if (pActualMechs != NULL) {
major = duplicateOidSet(minor, cred->mechanisms, pActualMechs);
if (major == GSS_S_CRED_UNAVAIL)
#endif
major = staticIdentityFileResolveInitiatorCred(minor, resolvedCred);
- if (GSS_ERROR(major))
+ if (GSS_ERROR(major) && major != GSS_S_CRED_UNAVAIL)
goto cleanup;
+ /* If we have a caller-supplied password, the credential is resolved. */
if ((resolvedCred->flags & CRED_FLAG_PASSWORD) == 0) {
major = GSS_S_CRED_UNAVAIL;
*minor = GSSEAP_NO_DEFAULT_CRED;