don't fail hard if reauth cred generation fails

[moonshot.git] / mech_eap / accept_sec_context.c

diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c
index 5b3d53f..47bb64f 100644 (file)
--- a/mech_eap/accept_sec_context.c
+++ b/mech_eap/accept_sec_context.c
@@ -617,8 +617,10 @@ eapGssSmAcceptReauthCreds(OM_uint32 *minor,
      * fabricate a ticket from the initiator to ourselves.
      */
     major = gssEapMakeReauthCreds(minor, ctx, cred, outputToken);
-    if (GSS_ERROR(major))
-        return major;
+    if (major == GSS_S_UNAVAILABLE)
+        major = GSS_S_COMPLETE;
+    if (major == GSS_S_COMPLETE)
+        major = GSS_S_CONTINUE_NEEDED;
 
     return major;
 }