Bug in canon_name.c?

[Michael Tautschnig]

Hi!

I tested the IPSec-daemon "racoon" and got segfaults when using gssapi_krb - 
authentication. I was able to track that down to the call of 
gss_canonicalize_name, which is called with GSS_C_NO_OID as the mech_type. 
Please correct me if that is wrong, but some documentation said that this 
would even be preferred - but gss_canonicalize_name checks the mech_type 
versus gss_mech_krb5 using the macro g_OID_equal which will immediatly 
segfault.

Is racoon doing something unwanted or is this a mit-kerberos-bug?

Regards, Michael

PS.: Please CC me, I am not on the list!