If the application calling gss_accept_sec_context() doesn't pass a value
for ret_flags, we'd never be able to check if credentials had been delegated.

The passed-in ret_flags value is a pointer to a bitfield, so the comparision
as-written was not likely to work as expected.

Index: src/lib/gssapi/mechglue/g_accept_sec_context.c
===================================================================
--- src/lib/gssapi/mechglue/g_accept_sec_context.c	(revision 20038)
+++ src/lib/gssapi/mechglue/g_accept_sec_context.c	(working copy)
@@ -112,6 +112,7 @@
 
 {
     OM_uint32		status, temp_status, temp_minor_status;
+    OM_uint32		temp_ret_flags = 0;
     gss_union_ctx_id_t	union_ctx_id;
     gss_union_cred_t	union_cred;
     gss_cred_id_t	input_cred_handle = GSS_C_NO_CREDENTIAL;
@@ -202,7 +203,7 @@
 						  &internal_name,
 						  mech_type,
 						  output_token,
-						  ret_flags,
+						  &temp_ret_flags,
 						  time_rec,
 					d_cred ? &tmp_d_cred : NULL);
 
@@ -248,7 +249,7 @@
 	    }
 
 	    /* Ensure we're returning correct creds format */
-	    if ((ret_flags && GSS_C_DELEG_FLAG) &&
+	    if ((temp_ret_flags & GSS_C_DELEG_FLAG) &&
 		tmp_d_cred != GSS_C_NO_CREDENTIAL) {
 		gss_union_cred_t d_u_cred = NULL;
 
@@ -335,6 +336,8 @@
 	    if (src_name == NULL && tmp_src_name != NULL)
 		(void) gss_release_name(&temp_minor_status,
 					&tmp_src_name);
+	    if (ret_flags != NULL)
+		*ret_flags = temp_ret_flags;
 	    return	(status);
     } else {