2 files changed, 51 insertions, 13 deletions

diff --git a/src/lib/gssapi/mechglue/ChangeLog b/src/lib/gssapi/mechglue/ChangeLog
index 93351081d..edeb659ee 100644
--- a/src/lib/gssapi/mechglue/ChangeLog
+++ b/src/lib/gssapi/mechglue/ChangeLog
@@ -1,3 +1,11 @@
+Fri May  3 16:43:43 1996  Theodore Y. Ts'o  <tytso@mit.edu>
+
+	* g_inq_cred.c (gss_inquire_cred): Add code to support appropriate
+		behavior when the input credentials is NULL (i.e., the
+		default credential).  We use the default credential for
+		the "default mechanism", which is the first mechanism
+		registered with the library.
+
 Thu Apr 11 20:11:00 1996  Theodore Y. Ts'o  <tytso@dcl>
 
 	* g_acquire_cred.c (gss_add_cred): Fixed code to correctly handle
diff --git a/src/lib/gssapi/mechglue/g_inq_cred.c b/src/lib/gssapi/mechglue/g_inq_cred.c
index ae6493742..27412df02 100644
--- a/src/lib/gssapi/mechglue/g_inq_cred.c
+++ b/src/lib/gssapi/mechglue/g_inq_cred.c
@@ -50,28 +50,58 @@ int *			cred_usage;
 gss_OID_set *		mechanisms;
 
 {
-    OM_uint32		elapsed_time, temp_minor_status;
+    OM_uint32		status, elapsed_time, temp_minor_status;
     gss_union_cred_t	union_cred;
+    gss_mechanism	mech;
+    gss_name_t		internal_name;
     int			i;
     
     gss_initialize();
 
-    if(cred_handle == GSS_C_NO_CREDENTIAL)
-	
-	/* This action doesn't conform to the spec. We are supposed
-	 * to return information about the default credential.
-	 * However, we don't know what mechanism the default
-	 * credential is associated with, so we can't call
-	 * the mechanism specific version of gss_inquire_cred().
-	 * Consequently, we just return NO_CRED.
+    if (cred_handle == GSS_C_NO_CREDENTIAL) {
+	/*
+	 * No credential was supplied. This means we can't get a mechanism
+	 * pointer to call the mechanism specific gss_inquire_cred.
+	 * So, call get_mechanism with an arguement of GSS_C_NULL_OID.
+	 * get_mechanism will return the first mechanism in the mech
+	 * array, which becomes the default mechanism.
 	 */
+
+	if ((mech = __gss_get_mechanism(GSS_C_NULL_OID)) == NULL)
+	    return(GSS_S_NO_CRED);
+
+	if (!mech->gss_inquire_cred)
+		return (GSS_S_FAILURE);
 	
-	return(GSS_S_NO_CRED);
-    else
+	status = mech->gss_inquire_cred(mech->context, minor_status,
+					GSS_C_NO_CREDENTIAL,
+					name ? &internal_name : NULL,
+					lifetime, cred_usage, mechanisms);
+
+	if (status != GSS_S_COMPLETE)
+	    return(status);
+
+	if (name) {
+	    /*
+	     * Convert internal_name into a union_name equivalent.
+	     */
+	    status = __gss_convert_name_to_union_name(&temp_minor_status,
+						      mech, internal_name,
+						      name);
+	    if (status != GSS_S_COMPLETE) {
+		if (minor_status)
+		    *minor_status = temp_minor_status;
+		__gss_release_internal_name(&temp_minor_status,
+					    &mech->mech_type, &internal_name);
+		return (status);
+	    }
+	}
+	return(GSS_S_COMPLETE);
+    } 
 	
-	/* get the cred_handle cast as a union_credentials structure */
+    /* get the cred_handle cast as a union_credentials structure */
 	
-	union_cred = (gss_union_cred_t) cred_handle;
+    union_cred = (gss_union_cred_t) cred_handle;
     
     /*
      * get the information out of the union_cred structure that was