From: Jon Rumsey <jrumsey@uk.ibm.com>
Date: Wed, 18 Sep 2024 09:31:25 +0000 (+0100)
Subject: negotiate: conditional check around GSS & SSL specific code
X-Git-Tag: curl-8_11_0~434
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ec5336b6687aa1682b18d28474fd337176736f6;p=thirdparty%2Fcurl.git

negotiate: conditional check around GSS & SSL specific code

Fixes #14938
Reported-by: lomberd2 on github
Fixes #14952
Closes #14954
---

diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 26e475c273..5dda475057 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -108,7 +108,7 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
   neg_ctx->sslContext = conn->sslContext;
 #endif
   /* Check if the connection is using SSL and get the channel binding data */
-#ifdef HAVE_GSSAPI
+#if defined(USE_SSL) && defined(HAVE_GSSAPI)
   if(conn->handler->flags & PROTOPT_SSL) {
     Curl_dyn_init(&neg_ctx->channel_binding_data, SSL_CB_MAX_SIZE);
     result = Curl_ssl_get_channel_binding(
@@ -124,7 +124,7 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
   result = Curl_auth_decode_spnego_message(data, userp, passwdp, service,
                                            host, header, neg_ctx);
 
-#ifdef HAVE_GSSAPI
+#if defined(USE_SSL) && defined(HAVE_GSSAPI)
   Curl_dyn_free(&neg_ctx->channel_binding_data);
 #endif