If the application calling gss_accept_sec_context() doesn't pass a value for ret_flags, we'd never be able to check if credentials had been delegated. The passed-in ret_flags value is a pointer to a bitfield, so the comparision as-written was not likely to work as expected. Index: src/lib/gssapi/mechglue/g_accept_sec_context.c =================================================================== --- src/lib/gssapi/mechglue/g_accept_sec_context.c (revision 20038) +++ src/lib/gssapi/mechglue/g_accept_sec_context.c (working copy) @@ -112,6 +112,7 @@ { OM_uint32 status, temp_status, temp_minor_status; + OM_uint32 temp_ret_flags = 0; gss_union_ctx_id_t union_ctx_id; gss_union_cred_t union_cred; gss_cred_id_t input_cred_handle = GSS_C_NO_CREDENTIAL; @@ -202,7 +203,7 @@ &internal_name, mech_type, output_token, - ret_flags, + ret_flags ? &temp_ret_flags : NULL, time_rec, d_cred ? &tmp_d_cred : NULL); @@ -248,7 +249,7 @@ } /* Ensure we're returning correct creds format */ - if ((ret_flags && GSS_C_DELEG_FLAG) && + if ((temp_ret_flags & GSS_C_DELEG_FLAG) && tmp_d_cred != GSS_C_NO_CREDENTIAL) { gss_union_cred_t d_u_cred = NULL; @@ -335,6 +336,8 @@ if (src_name == NULL && tmp_src_name != NULL) (void) gss_release_name(&temp_minor_status, &tmp_src_name); + if (ret_flags != NULL) + *ret_flags = temp_ret_flags; return (status); } else {