From: Luke Howard <lukeh@padl.com>
Date: Mon, 4 Apr 2011 15:50:12 +0000 (+1000)
Subject: don't return GSS_S_CREDENTIALS_EXPIRED if no expiry time
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=moonshot.git;a=commitdiff_plain;h=feeeb25ddfc57e710a8bfe24b490da823845fc28

don't return GSS_S_CREDENTIALS_EXPIRED if no expiry time
---

diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c
index 16e60fb..e73958e 100644
--- a/mech_eap/accept_sec_context.c
+++ b/mech_eap/accept_sec_context.c
@@ -121,7 +121,7 @@ acceptReadyEap(OM_uint32 *minor, gss_ctx_id_t ctx, gss_cred_id_t cred)
     if (GSS_ERROR(major))
         return major;
 
-    if (ctx->expiryTime < time(NULL)) {
+    if (ctx->expiryTime != 0 && ctx->expiryTime < time(NULL)) {
         *minor = GSSEAP_CRED_EXPIRED;
         return GSS_S_CREDENTIALS_EXPIRED;
     }