From 08305cc21ebc49129b639d948fefb232406cd860 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Sat, 8 Oct 2011 01:39:32 +1100 Subject: [PATCH] Don't fail if password supplied by caller If the libmoonshot or static (file-based) identity resolver fails, and the caller provided a password via gss_acquire_cred_with_password(), then resolving the credential should not fail. --- moonshot/mech_eap/util_cred.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/moonshot/mech_eap/util_cred.c b/moonshot/mech_eap/util_cred.c index 444a1d7..8c954c2 100644 --- a/moonshot/mech_eap/util_cred.c +++ b/moonshot/mech_eap/util_cred.c @@ -728,9 +728,10 @@ gssEapResolveInitiatorCred(OM_uint32 *minor, if (major == GSS_S_CRED_UNAVAIL) #endif major = staticIdentityFileResolveInitiatorCred(minor, resolvedCred); - if (GSS_ERROR(major)) + if (GSS_ERROR(major) && major != GSS_S_CRED_UNAVAIL) goto cleanup; + /* If we have a caller-supplied password, the credential is resolved. */ if ((resolvedCred->flags & CRED_FLAG_PASSWORD) == 0) { major = GSS_S_CRED_UNAVAIL; *minor = GSSEAP_NO_DEFAULT_CRED; -- 2.1.4