krb5: Fixed missing client response when mutual authentication enabled

Although mutual authentication is currently turned off and can only be
enabled by changing libcurl source code, authentication using Kerberos
5 has been broken since commit 79543caf90 in this use case.

2 files changed, 10 insertions, 0 deletions

diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index 18c6dbb46..888a279c6 100644
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -163,6 +163,11 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
 
     gss_release_buffer(&unused_status, &output_token);
   }
+  else if(mutual_auth) {
+    *outptr = strdup("");
+    if(!*outptr)
+      result = CURLE_OUT_OF_MEMORY;
+  }
 
   return result;
 }
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index ee80daee0..605933197 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -212,6 +212,11 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
     result = Curl_base64_encode(data, (char *) resp_buf.pvBuffer,
                                 resp_buf.cbBuffer, outptr, outlen);
   }
+  else if(mutual_auth) {
+    *outptr = strdup("");
+    if(!*outptr)
+      result = CURLE_OUT_OF_MEMORY;
+  }
 
   /* Free the decoded challenge */
   free(chlg);