We can handle only mech status codes

Return an error if status_type is bogus.
We can't call gss_display_status() for GSS_C_GSS_CODE because we'd loop
back to ourselves as unfortunately the GSSAPI mechanisms SPI uses the
same symbol names as the public API ...

diff --git a/src/gss_err.c b/src/gss_err.c
index dd43a49318c4a7bac610be15e7668870a4be61d9..712203dac90780fbd67f5a48418c40735129877b 100644 (file)
--- a/src/gss_err.c
+++ b/src/gss_err.c
@@ -27,7 +27,13 @@ uint32_t gssntlm_display_status(uint32_t *minor_status,
         return GSS_S_CALL_INACCESSIBLE_READ;
     }
 
+    if (status_type != GSS_C_MECH_CODE) {
+        *minor_status = EINVAL;
+        return GSS_S_BAD_STATUS;
+    }
+
     *minor_status = 0;
+    *message_context = 0;
     status_string->length = 0;
     status_string->value = NULL;