auth: Fixed error handling in GSSAPI when __gss_userok() was used.

An invalid username would have been treated as successful and auth process
probably would have crashed.

diff --git a/src/auth/mech-gssapi.c b/src/auth/mech-gssapi.c
index 73fc0c8f41306cd2ad1a9302a66062a1d993ec9e..de59bf5580249b1110c3b603961fa1ef4ad8f2d2 100644 (file)
--- a/src/auth/mech-gssapi.c
+++ b/src/auth/mech-gssapi.c
@@ -416,8 +416,8 @@ mech_gssapi_krb5_userok(struct gssapi_auth_request *request,
        bool ret = FALSE;
 
        /* Parse out the principal's username */
-       if (!get_display_name(&request->auth_request, name, &name_type,
-                             &princ_display_name) < 0)
+       if (get_display_name(&request->auth_request, name, &name_type,
+                            &princ_display_name) < 0)
                return FALSE;
 
        if (!mech_gssapi_oid_cmp(name_type, GSS_KRB5_NT_PRINCIPAL_NAME) &&