From: Luke Howard <lukeh@padl.com>
Date: Mon, 4 Apr 2011 15:50:12 +0000 (+1000)
Subject: don't return GSS_S_CREDENTIALS_EXPIRED if no expiry time
X-Git-Tag: tr-beta1~201
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=moonshot.git;a=commitdiff_plain;h=88afb3258d76894bf780e8d0ede0d688122f4319

don't return GSS_S_CREDENTIALS_EXPIRED if no expiry time
---

diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c
index d54ea48..ca95f5c 100644
--- a/mech_eap/accept_sec_context.c
+++ b/mech_eap/accept_sec_context.c
@@ -121,7 +121,7 @@ acceptReadyEap(OM_uint32 *minor, gss_ctx_id_t ctx, gss_cred_id_t cred)
     if (GSS_ERROR(major))
         return major;
 
-    if (ctx->expiryTime < time(NULL)) {
+    if (ctx->expiryTime != 0 && ctx->expiryTime < time(NULL)) {
         *minor = GSSEAP_CRED_EXPIRED;
         return GSS_S_CREDENTIALS_EXPIRED;
     }