From: Sam Hartman <hartmans@mit.edu>
Date: Wed, 23 Dec 2009 21:10:00 +0000 (+0000)
Subject: Only check for anonymous if pkinit_identity is given a principal; the KDC does not... 
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cd607fc44c7ffc4ba1c0d0d1ecd05d482312d683;p=thirdparty%2Fkrb5.git

Only check for anonymous if pkinit_identity is given a principal; the KDC does not pass in a principal

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/anonymous@23495 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/plugins/preauth/pkinit/pkinit_identity.c b/src/plugins/preauth/pkinit/pkinit_identity.c
index 0ab214cf08..51a96dbd04 100644
--- a/src/plugins/preauth/pkinit/pkinit_identity.c
+++ b/src/plugins/preauth/pkinit/pkinit_identity.c
@@ -505,7 +505,7 @@ pkinit_identity_initialize(krb5_context context,
     int i;
 
     pkiDebug("%s: %p %p %p\n", __FUNCTION__, context, idopts, id_cryptoctx);
-    if (!krb5_principal_compare_any_realm (context, princ, krb5_anonymous_principal())) {
+    if (princ && !krb5_principal_compare_any_realm (context, princ, krb5_anonymous_principal())) {
         if (idopts == NULL || id_cryptoctx == NULL)
             goto errout;