don't return GSS_S_CREDENTIALS_EXPIRED if no expiry time

author Luke Howard <lukeh@padl.com>

Mon, 4 Apr 2011 15:50:12 +0000 (01:50 +1000)

committer Luke Howard <lukeh@padl.com>

Mon, 4 Apr 2011 15:50:12 +0000 (01:50 +1000)
author Luke Howard <lukeh@padl.com>
Mon, 4 Apr 2011 15:50:12 +0000 (01:50 +1000)
committer Luke Howard <lukeh@padl.com>
Mon, 4 Apr 2011 15:50:12 +0000 (01:50 +1000)
diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c

index 16e60fb..e73958e 100644 (file)
--- a/mech_eap/accept_sec_context.c
+++ b/mech_eap/accept_sec_context.c
@@ -121,7 +121,7 @@ acceptReadyEap(OM_uint32 *minor, gss_ctx_id_t ctx, gss_cred_id_t cred)
      if (GSS_ERROR(major))
          return major;
  
-    if (ctx->expiryTime < time(NULL)) {
+    if (ctx->expiryTime != 0 && ctx->expiryTime < time(NULL)) {
          *minor = GSSEAP_CRED_EXPIRED;
          return GSS_S_CREDENTIALS_EXPIRED;
      }
author	Luke Howard <lukeh@padl.com>
	Mon, 4 Apr 2011 15:50:12 +0000 (01:50 +1000)
committer	Luke Howard <lukeh@padl.com>
	Mon, 4 Apr 2011 15:50:12 +0000 (01:50 +1000)