2 files changed, 7 insertions, 18 deletions

diff --git a/src/svc_auth_gss.c b/src/svc_auth_gss.c
index d95eae1..bb0de16 100644
--- a/src/svc_auth_gss.c
+++ b/src/svc_auth_gss.c
@@ -99,7 +99,8 @@ struct svc_rpc_gss_data {
 	u_int			seqlast;	/* last sequence number */
 	u_int32_t		seqmask;	/* bitmask of seqnums */
 	gss_name_t		client_name;	/* unparsed name string */
-	rpc_gss_rawcred_t	rcred;		/* raw credential */
+	rpc_gss_rawcred_t	rcred;		/* internal raw credential */
+	rpc_gss_rawcred_t	scratch;	/* copy exposed to user */
 	rpc_gss_ucred_t		ucred;		/* cooked credential */
 	gid_t			gids[NGRPS];	/* list of groups */
 	bool_t			callback_done;	/* TRUE after callback */
@@ -917,11 +918,11 @@ rpc_gss_getcred(struct svc_req *rqst, rpc_gss_rawcred_t **rcred,
 	gd = SVCAUTH_PRIVATE(auth);
 
 	if (rcred != NULL) {
-		auth->raw_cred = gd->rcred;
-		auth->raw_cred.service = _rpc_gss_svc_to_service(gd->sec.svc);
-		(void)rpc_gss_num_to_qop(auth->raw_cred.mechanism, gd->sec.qop,
-						&auth->raw_cred.qop);
-		*rcred = &auth->raw_cred;
+		gd->scratch = gd->rcred;
+		gd->scratch.service = _rpc_gss_svc_to_service(gd->sec.svc);
+		(void)rpc_gss_num_to_qop(gd->scratch.mechanism, gd->sec.qop,
+						&gd->scratch.qop);
+		*rcred = &gd->scratch;
 	}
 
 	if (ucred != NULL) {
diff --git a/tirpc/rpc/svc_auth.h b/tirpc/rpc/svc_auth.h
index 44b38bf..67608d0 100644
--- a/tirpc/rpc/svc_auth.h
+++ b/tirpc/rpc/svc_auth.h
@@ -41,16 +41,6 @@
 #ifndef _RPC_SVC_AUTH_H
 #define _RPC_SVC_AUTH_H
 
-#include <rpc/rpcsec_gss.h>
-
-typedef struct {
-	bool_t			established;
-	rpc_gss_service_t	service;
-	u_int			qop_rcvd;
-	void			*context;
-	u_int			seq_num;
-} svc_rpc_gss_parms_t;
-
 /*
  * Interface to server-side authentication flavors.
  */
@@ -63,8 +53,6 @@ typedef struct SVCAUTH {
 		int     (*svc_ah_destroy)(struct SVCAUTH *);
 		} *svc_ah_ops;
 	caddr_t svc_ah_private;
-	svc_rpc_gss_parms_t svc_gss_params;
-	rpc_gss_rawcred_t raw_cred;
 } SVCAUTH;
 
 #define SVCAUTH_WRAP(auth, xdrs, xfunc, xwhere) \