From cdcb5afeb8898f7645427759eedddd704164e80f Mon Sep 17 00:00:00 2001
From: Gerardo Ganis <Gerardo.Ganis@cern.ch>
Date: Fri, 14 Dec 2018 15:05:51 +0100
Subject: [PATCH] secgsi: additional fixes for the no-padding case

---
 src/XrdSecgsi/XrdSecProtocolgsi.cc | 26 +++++++++++---------------
 1 file changed, 11 insertions(+), 15 deletions(-)

diff --git a/src/XrdSecgsi/XrdSecProtocolgsi.cc b/src/XrdSecgsi/XrdSecProtocolgsi.cc
index 91f17a8ac68..109c7b42977 100644
--- a/src/XrdSecgsi/XrdSecProtocolgsi.cc
+++ b/src/XrdSecgsi/XrdSecProtocolgsi.cc
@@ -1486,7 +1486,7 @@ XrdSecCredentials *XrdSecProtocolgsi::getCredentials(XrdSecParameters *parm,
       // Add bucket with cryptomod to the global list
       // (This must be always visible from now on)
       CryptoMod = hs->CryptoMod;
-      if (hs->RemVers >= XrdSecgsiVersDHsigned && !(hs->HasPad)) CryptoMod =+ gNoPadTag;
+      if (hs->RemVers >= XrdSecgsiVersDHsigned && !(hs->HasPad)) CryptoMod += gNoPadTag;
       if (bpar->AddBucket(CryptoMod,kXRS_cryptomod) != 0)
          return ErrC(ei,bpar,bmai,0,
               kGSErrCreateBucket,XrdSutBuckStr(kXRS_cryptomod),stepstr);
@@ -3508,6 +3508,16 @@ int XrdSecProtocolgsi::ServerDoCertreq(XrdSutBuffer *br, XrdSutBuffer **bm,
    XrdSutBucket *bck = 0;
    XrdSutBucket *bckm = 0;
 
+   //
+   // Get version run by client, if there
+   if (br->UnmarshalBucket(kXRS_version,hs->RemVers) != 0) {
+      hs->RemVers = Version;
+      cmsg = "client version information not found in options:"
+             " assume same as local";
+   } else {
+      br->Deactivate(kXRS_version);
+   }
+
    //
    // Extract the main buffer 
    if (!(bckm = br->GetBucket(kXRS_main))) {
@@ -3528,16 +3538,6 @@ int XrdSecProtocolgsi::ServerDoCertreq(XrdSutBuffer *br, XrdSutBuffer **bm,
       cmsg += cmod;
       return -1;
    }
-
-   //
-   // Get version run by client, if there
-   if (br->UnmarshalBucket(kXRS_version,hs->RemVers) != 0) {
-      hs->RemVers = Version;
-      cmsg = "client version information not found in options:"
-             " assume same as local";
-   } else {
-      br->Deactivate(kXRS_version);
-   }
    //
    // Extract bucket with client issuer hash
    if (!(bck = br->GetBucket(kXRS_issuer_hash))) {
@@ -4925,11 +4925,7 @@ int XrdSecProtocolgsi::ParseCrypto(String clist)
                }
             }
             // On servers the ref cipher should be defined at this point
-#if 0
-            hs->Rcip = refcip[i];
-#else
             hs->Rcip = sessionCF->Cipher(hs->HasPad, 0,0,0);
-#endif
             // we are done
             return 0;
          }