Problem: GSSAPI can no longer be used without ZAP

Solution: do not fail if ZAP is not enabled. GSSAPI already provides authentication and can be used separately, so it is a valid use case.
2025-01-01 19:05:18 +08:00 · 2017-06-13 22:52:59 +01:00 · 2017-06-13 22:52:59 +01:00 · 6ad0b08da9
commit 6ad0b08da9
parent 0ce18eac25
1 changed files with 13 additions and 14 deletions
--- a/src/gssapi_server.cpp
+++ b/src/gssapi_server.cpp
@ -122,21 +122,20 @@ int zmq::gssapi_server_t::process_handshake_command (msg_t *msg_)
        //  Use ZAP protocol (RFC 27) to authenticate the user.
        //  Note that rc will be -1 only if ZAP is not set up, but if it was
        //  requested and it does not work properly the program will abort.
+        bool expecting_zap_reply = false;
        int rc = session->zap_connect ();
-        if (rc != 0)
-            return -1;
-        rc = send_zap_request ();
-        if (rc != 0)
-            return -1;
-        rc = receive_and_process_zap_reply ();
-        if (rc == 0)
-            state = send_ready;
-        else
-        if (errno == EAGAIN)
-            state = expect_zap_reply;
-        else
-            return -1;
-
+        if (rc == 0) {
+            rc = send_zap_request ();
+            if (rc != 0)
+                return -1;
+            rc = receive_and_process_zap_reply ();
+            if (rc != 0) {
+                if (errno != EAGAIN)
+                    return -1;
+                expecting_zap_reply = true;
+            }
+        }
+        state = expecting_zap_reply? expect_zap_reply: send_ready;
        return 0;
    }