+ * If application didn't provide an authid, then use the default
+ * credential. If that doesn't work, give up.
+ */
+ if (!GOT_CREDS(text, params) && oparams->authid == NULL) {
+ maj_stat = gss_acquire_cred(&min_stat,
+ GSS_C_NO_NAME,
+ GSS_C_INDEFINITE,
+ &mechs,
+ GSS_C_INITIATE,
+ &text->client_creds,
+ NULL,
+ &text->lifetime);
+ if (GSS_ERROR(maj_stat))
+ goto cleanup;
+
+ maj_stat = gss_inquire_cred(&min_stat,
+ params->gss_creds
+ ? (gss_cred_id_t)params->gss_creds
+ : text->client_creds,
+ &text->client_name,
+ NULL,
+ NULL,
+ NULL);
+ if (GSS_ERROR(maj_stat))
+ goto cleanup;
+
+ assert(text->client_name == GSS_C_NO_NAME);
+
+ maj_stat = gss_display_name(&min_stat,
+ text->client_name,
+ &cred_authid,
+ NULL);
+ if (GSS_ERROR(maj_stat))
+ goto cleanup;
+
+ result = params->canon_user(params->utils->conn,
+ cred_authid.value, cred_authid.length,
+ SASL_CU_AUTHID, oparams);
+ if (result != SASL_OK)
+ goto cleanup;
+ }
+
+ /*