retry cred acquisition with named cred

author Luke Howard <lukeh@padl.com>

Fri, 23 Sep 2011 02:58:18 +0000 (12:58 +1000)

committer Luke Howard <lukeh@padl.com>

Fri, 23 Sep 2011 02:58:18 +0000 (12:58 +1000)
author Luke Howard <lukeh@padl.com>
Fri, 23 Sep 2011 02:58:18 +0000 (12:58 +1000)
committer Luke Howard <lukeh@padl.com>
Fri, 23 Sep 2011 02:58:18 +0000 (12:58 +1000)
diff --git a/plugins/gs2.c b/plugins/gs2.c

index 025f7fc..9e29fe1 100644 (file)
--- a/plugins/gs2.c
+++ b/plugins/gs2.c
@@ -1560,6 +1560,9 @@ gs2_get_init_creds(context_t *text,
                                         &text->client_name);
              if (GSS_ERROR(maj_stat))
                  goto cleanup;
+
+            /* The authid may have changed after prompting, so free any creds */
+            gss_release_cred(&min_stat, &text->client_creds);
          }
      }
  
@@ -1589,8 +1592,11 @@ gs2_get_init_creds(context_t *text,
                                      NULL,
                                      NULL,
                                      NULL);
-        if (GSS_ERROR(maj_stat))
-            goto cleanup;
+        if (GSS_ERROR(maj_stat)) {
+            /* Maybe there was no default credential */
+            auth_result = SASL_INTERACT;
+            goto interact;
+        }
  
          maj_stat = gss_display_name(&min_stat,
                                      text->client_name,
@@ -1671,6 +1677,8 @@ gs2_get_init_creds(context_t *text,
  
      maj_stat = GSS_S_COMPLETE;
  
+interact:
+
      /* free prompts we got */
      if (prompt_need && *prompt_need) {
          params->utils->free(*prompt_need);
author	Luke Howard <lukeh@padl.com>
	Fri, 23 Sep 2011 02:58:18 +0000 (12:58 +1000)
committer	Luke Howard <lukeh@padl.com>
	Fri, 23 Sep 2011 02:58:18 +0000 (12:58 +1000)