From: Luke Howard <lukeh@padl.com>
Date: Mon, 25 Oct 2010 21:34:42 +0000 (+1100)
Subject: If we can't make reauth creds, return GSS_S_UNAVAILABLE
X-Git-Tag: vm/20110310~89
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.orig;a=commitdiff_plain;h=3b689507a185c305a383fad4e121ffc445ca8a82

If we can't make reauth creds, return GSS_S_UNAVAILABLE
---

diff --git a/util_reauth.c b/util_reauth.c
index 141ee77..7806671 100644
--- a/util_reauth.c
+++ b/util_reauth.c
@@ -185,14 +185,8 @@ gssEapMakeReauthCreds(OM_uint32 *minor,
     code = getAcceptorKey(krbContext, ctx, cred,
                           &ticket.server, &acceptorKey);
     if (code == KRB5_KT_NOTFOUND) {
-        gss_buffer_desc emptyToken = { 0, "" };
-
-        /*
-         * If we can't produce the KRB-CRED message, we need to
-         * return an empty (not NULL) token to the caller so we
-         * don't change the number of authentication legs.
-         */
-        return duplicateBuffer(minor, &emptyToken, credBuf);
+        *minor = code;
+        return GSS_S_UNAVAILABLE;
     } else if (code != 0)
         goto cleanup;