From b5cdf72e010d1bdec665d498a0da102e32f476d6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Sun, 14 Mar 2004 16:42:39 +0000
Subject: [PATCH] (gss_acquire_cred): check usage before even bothering to
 process it, add both keytab and initial tgt if requested

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13524 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/gssapi/acquire_cred.c      | 13 +++++++------
 lib/gssapi/krb5/acquire_cred.c | 13 +++++++------
 2 files changed, 14 insertions(+), 12 deletions(-)

diff --git a/lib/gssapi/acquire_cred.c b/lib/gssapi/acquire_cred.c
index 3adcae735..db55a102e 100644
--- a/lib/gssapi/acquire_cred.c
+++ b/lib/gssapi/acquire_cred.c
@@ -233,6 +233,11 @@ OM_uint32 gss_acquire_cred
     gss_cred_id_t handle;
     OM_uint32 ret;
 
+    if (cred_usage != GSS_C_ACCEPT && cred_usage != GSS_C_INITIATE && cred_usage != GSS_C_BOTH) {
+	*minor_status = GSS_KRB5_S_G_BAD_USAGE;
+	return GSS_S_FAILURE;
+    }
+
     GSSAPI_KRB5_INIT ();
 
     *output_cred_handle = NULL;
@@ -280,7 +285,8 @@ OM_uint32 gss_acquire_cred
 	    free(handle);
 	    return (ret);
 	}
-    } else if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) {
+    }
+    if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) {
 	ret = acquire_acceptor_cred(minor_status, desired_name, time_req,
 	    desired_mechs, cred_usage, handle, actual_mechs, time_rec);
 	if (ret != GSS_S_COMPLETE) {
@@ -288,11 +294,6 @@ OM_uint32 gss_acquire_cred
 	    free(handle);
 	    return (ret);
 	}
-    } else {
-	HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex);
-	free(handle);
-	*minor_status = GSS_KRB5_S_G_BAD_USAGE;
-	return GSS_S_FAILURE;
     }
     ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
     if (ret == GSS_S_COMPLETE)
diff --git a/lib/gssapi/krb5/acquire_cred.c b/lib/gssapi/krb5/acquire_cred.c
index 3adcae735..db55a102e 100644
--- a/lib/gssapi/krb5/acquire_cred.c
+++ b/lib/gssapi/krb5/acquire_cred.c
@@ -233,6 +233,11 @@ OM_uint32 gss_acquire_cred
     gss_cred_id_t handle;
     OM_uint32 ret;
 
+    if (cred_usage != GSS_C_ACCEPT && cred_usage != GSS_C_INITIATE && cred_usage != GSS_C_BOTH) {
+	*minor_status = GSS_KRB5_S_G_BAD_USAGE;
+	return GSS_S_FAILURE;
+    }
+
     GSSAPI_KRB5_INIT ();
 
     *output_cred_handle = NULL;
@@ -280,7 +285,8 @@ OM_uint32 gss_acquire_cred
 	    free(handle);
 	    return (ret);
 	}
-    } else if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) {
+    }
+    if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) {
 	ret = acquire_acceptor_cred(minor_status, desired_name, time_req,
 	    desired_mechs, cred_usage, handle, actual_mechs, time_rec);
 	if (ret != GSS_S_COMPLETE) {
@@ -288,11 +294,6 @@ OM_uint32 gss_acquire_cred
 	    free(handle);
 	    return (ret);
 	}
-    } else {
-	HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex);
-	free(handle);
-	*minor_status = GSS_KRB5_S_G_BAD_USAGE;
-	return GSS_S_FAILURE;
     }
     ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
     if (ret == GSS_S_COMPLETE)