major = gssEapRadiusGetRawAvp(minor, ctx->acceptorCtx.vps,
PW_USER_NAME, 0, &vp);
- if (major == GSS_S_COMPLETE) {
+ if (major == GSS_S_COMPLETE && vp->length) {
nameBuf.length = vp->length;
nameBuf.value = vp->vp_strvalue;
} else {
if (GSS_ERROR(major))
return major;
+ if (ctx->expiryTime < time(NULL)) {
+ *minor = GSSEAP_CRED_EXPIRED;
+ return GSS_S_CREDENTIALS_EXPIRED;
+ }
+
*minor = 0;
return GSS_S_COMPLETE;
}