Amend r23917 to correct some uses of *out_creds which should now use
authorGreg Hudson <ghudson@mit.edu>
Wed, 21 Apr 2010 23:23:09 +0000 (23:23 +0000)
committerGreg Hudson <ghudson@mit.edu>
Wed, 21 Apr 2010 23:23:09 +0000 (23:23 +0000)
the local variable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23918 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/krb5/init_sec_context.c

index fd29c457166479973b938431efe01dec8654d798..82baca128a3a43346715cba9628fd566d3034323 100644 (file)
@@ -204,7 +204,7 @@ static krb5_error_code get_credentials(context, cred, server, now,
 
     if (flags & KRB5_GC_CONSTRAINED_DELEGATION) {
         if (!krb5_principal_compare(context, cred->name->princ,
-                                    (*out_creds)->client)) {
+                                    result_creds->client)) {
             /* server did not support constrained delegation */
             code = KRB5_KDCREP_MODIFIED;
             goto cleanup;
@@ -216,8 +216,7 @@ static krb5_error_code get_credentials(context, cred, server, now,
      * boundaries) because accept_sec_context code is also similarly
      * non-forgiving.
      */
-    if (!krb5_gss_dbg_client_expcreds && *out_creds != NULL &&
-        (*out_creds)->times.endtime < now) {
+    if (!krb5_gss_dbg_client_expcreds && result_creds->times.endtime < now) {
         code = KRB5KRB_AP_ERR_TKT_EXPIRED;
         goto cleanup;
     }