- patch from rawhide.

Changed files:
    cyrus-sasl-external.patch -> 1.1

diff --git a/cyrus-sasl-external.patch b/cyrus-sasl-external.patch
new file mode 100644 (file)
index 0000000..75767c1
--- /dev/null
+++ b/cyrus-sasl-external.patch
@@ -0,0 +1,24 @@
+--- cyrus-sasl-1.5.24/plugins/gssapi.c Wed Dec  6 11:39:51 2000
++++ cyrus-sasl-1.5.24/plugins/gssapi.c Wed Dec  6 11:42:31 2000
+@@ -1241,9 +1241,18 @@
+           return SASL_BADPARAM;
+       }
+ 
+-      /* need bits of layer */
+-      allowed = secprops.max_ssf - external;
+-      need = secprops.min_ssf - external;
++      /* need bits of layer -- sasl_ssf_t is unsigned so be careful */
++      if(secprops.max_ssf >= external) {
++              allowed = secprops.max_ssf - external;
++      } else {
++              allowed = 0;
++      }
++      if(secprops.min_ssf >= external) {
++              need = secprops.min_ssf - external;
++      } else {
++              /* good to go */
++              need = 0;
++      }
+       serverhas = ((char *)output_token->value)[0];
+ 
+       /* if client didn't set use strongest layer available */