X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/941f3f292f6a74a7252f16e5466044ff10f6bd75..97f0f2cce4eeef89047da2228a6bea6274065f1e:/openssh/auth2-gss.c

diff --git a/openssh/auth2-gss.c b/openssh/auth2-gss.c
index 917cec7..def1b7b 100644
--- a/openssh/auth2-gss.c
+++ b/openssh/auth2-gss.c
@@ -100,15 +100,16 @@ userauth_gssapi(Authctxt *authctxt)
 		present = 0;
 		doid = packet_get_string(&len);
 
-		if (doid[0] != SSH_GSS_OIDTYPE || doid[1] != len-2) {
-			logit("Mechanism OID received using the old encoding form");
-			goid.elements = doid;
-			goid.length = len;
-		} else {
+		if (len > 2 &&
+		   doid[0] == SSH_GSS_OIDTYPE &&
+		   doid[1] == len - 2) {
 			goid.elements = doid + 2;
 			goid.length   = len - 2;
+			gss_test_oid_set_member(&ms, &goid, supported,
+			    &present);
+		} else {
+			logit("Badly formed OID received");
 		}
-		gss_test_oid_set_member(&ms, &goid, supported, &present);
 	} while (mechs > 0 && !present);
 
 	gss_release_oid_set(&ms, &supported);
@@ -234,11 +235,11 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt)
 static void
 gssapi_set_implicit_username(Authctxt *authctxt)
 {
-    if ((authctxt->user == NULL) || (strcmp(authctxt->user, "") == 0)) {
+    if ((authctxt->user == NULL) || (authctxt->user[0] == '\0')) {
 	char *lname = NULL;
 	PRIVSEP(ssh_gssapi_localname(&lname));
 	if (lname && lname[0] != '\0') {
-	    xfree(authctxt->user);
+	    if (authctxt->user) xfree(authctxt->user);
 	    authctxt->user = lname;
 	    debug("set username to %s from gssapi context", lname);
 	    authctxt->pw = PRIVSEP(getpwnamallow(authctxt->user));