From: Luke Howard <lukeh@padl.com>
Date: Fri, 7 Oct 2011 07:06:57 +0000 (+1100)
Subject: fix incorrect reauth cred assert check
X-Git-Tag: tr-beta1~71
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=moonshot.git;a=commitdiff_plain;h=72e1f288545e07166e9442073f045cdde562d367

fix incorrect reauth cred assert check
---

diff --git a/moonshot/mech_eap/init_sec_context.c b/moonshot/mech_eap/init_sec_context.c
index 15e0520..e99b479 100644
--- a/moonshot/mech_eap/init_sec_context.c
+++ b/moonshot/mech_eap/init_sec_context.c
@@ -457,8 +457,10 @@ eapGssSmInitGssReauth(OM_uint32 *minor,
     gss_OID actualMech = GSS_C_NO_OID;
     OM_uint32 gssFlags, timeRec;
 
-    GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
-
+    /*
+     * Here we use the passed in credential handle because the resolved
+     * context credential does not currently have the reauth creds.
+     */
     if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIAL) {
         if (!gssEapCanReauthP(cred, target, timeReq))
             return GSS_S_CONTINUE_NEEDED;
@@ -470,6 +472,8 @@ eapGssSmInitGssReauth(OM_uint32 *minor,
         goto cleanup;
     }
 
+    GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
+
     major = gssEapMechToGlueName(minor, target, &mechTarget);
     if (GSS_ERROR(major))
         goto cleanup;
diff --git a/moonshot/mech_eap/util_reauth.c b/moonshot/mech_eap/util_reauth.c
index 32ed781..50011ca 100644
--- a/moonshot/mech_eap/util_reauth.c
+++ b/moonshot/mech_eap/util_reauth.c
@@ -485,7 +485,8 @@ gssEapCanReauthP(gss_cred_id_t cred,
     time_t now, expiryReq;
     OM_uint32 minor;
 
-    GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL);
+    if (cred == GSS_C_NO_CREDENTIAL)
+        return FALSE;
 
     now = time(NULL);
     expiryReq = now;