From 1ec5336b6687aa1682b18d28474fd337176736f6 Mon Sep 17 00:00:00 2001
From: Jon Rumsey <jrumsey@uk.ibm.com>
Date: Wed, 18 Sep 2024 10:31:25 +0100
Subject: [PATCH] negotiate: conditional check around GSS & SSL specific code

Fixes #14938
Reported-by: lomberd2 on github
Fixes #14952
Closes #14954
---
 lib/http_negotiate.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 26e475c273..5dda475057 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -108,7 +108,7 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
   neg_ctx->sslContext = conn->sslContext;
 #endif
   /* Check if the connection is using SSL and get the channel binding data */
-#ifdef HAVE_GSSAPI
+#if defined(USE_SSL) && defined(HAVE_GSSAPI)
   if(conn->handler->flags & PROTOPT_SSL) {
     Curl_dyn_init(&neg_ctx->channel_binding_data, SSL_CB_MAX_SIZE);
     result = Curl_ssl_get_channel_binding(
@@ -124,7 +124,7 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
   result = Curl_auth_decode_spnego_message(data, userp, passwdp, service,
                                            host, header, neg_ctx);
 
-#ifdef HAVE_GSSAPI
+#if defined(USE_SSL) && defined(HAVE_GSSAPI)
   Curl_dyn_free(&neg_ctx->channel_binding_data);
 #endif