From f17e48f613237667d0737274562e0963e797e77e Mon Sep 17 00:00:00 2001
From: Luke Howard <lukeh@padl.com>
Date: Thu, 3 Jan 2019 16:13:16 +1100
Subject: [PATCH] gssapi: gss_compare_name() both ways (#503)

In the case that one name has no MNs and the second name only has an MN, then
the order in which the two names are passed in matters, but it shouldn't. Run
the comparison both ways.
---
 lib/gssapi/mech/gss_compare_name.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/lib/gssapi/mech/gss_compare_name.c b/lib/gssapi/mech/gss_compare_name.c
index b2032d89e..fa2b08226 100644
--- a/lib/gssapi/mech/gss_compare_name.c
+++ b/lib/gssapi/mech/gss_compare_name.c
@@ -68,6 +68,19 @@ gss_compare_name(OM_uint32 *minor_status,
 						name_equal));
 			}
 		}
+		HEIM_SLIST_FOREACH(mn2, &name2->gn_mn, gmn_link) {
+			OM_uint32 major_status;
+
+			major_status = _gss_find_mn(minor_status, name1,
+						    mn2->gmn_mech_oid, &mn1);
+			if (major_status == GSS_S_COMPLETE && mn1) {
+				return (mn2->gmn_mech->gm_compare_name(
+						minor_status,
+						mn2->gmn_name,
+						mn1->gmn_name,
+						name_equal));
+			}
+		}
 		*name_equal = 0;
 	}