Bug
Resolution: Unresolved
Normal
rhel-8.6.0
rhel-sst-idm-ipa
ssg_idm
Description of problem:
GSSPROXY calls gss_inquire_attrs_for_mech for each known mechanism. MIT KRB5's mech glue layer will see if this function is defined for the mechanism, and will provide default behavior if not. The default behavior is to leave both attribute sets NULL and return GSS_S_COMPLETE. GSSPROXY then sees that the call was successful, but since the attribute set is NULL, it dereferences a NULL pointer while copying the attributes.
src/gp_rpc_indicate_mechs.c
        gss_release_oid_set(&ret_min, &name_types);
        ret_maj = gss_inquire_attrs_for_mech(&ret_min,
                                             &mech_set->elements[i],
                                             &mech_attrs,
                                             &known_mech_attrs);
        if (ret_maj)
>>>     ret = gp_conv_oid_set_to_gssx(mech_attrs, &mi->mech_attrs);
        if (ret)
Version-Release number of selected component (if applicable):
All up to latest as of this report: gssproxy-0.8.0-21.el8.x86_64
How reproducible:
Always
Steps to Reproduce:
1. Set an application to use the GSS proxy. This seems to be through the environment variable GSS_USE_PROXY=1
2. Add a mechanism that does not define gss_inquire_attrs_for_mech to /etc/gss/mechs.d
3. Watch GSSPROXY crash when a program such as Apache HTTPD attempts GSS auth.
Actual results:
SIGSEGV
Expected results:
Credential proxy behavior
Additional info:
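
An added example, not gssproxy's code or its fix, of handling the case this report describes: the inquiry reports success but leaves the attribute sets NULL, so the converter has to treat NULL as an empty set. The types and the names inquire_attrs_default, conv_oid_set_checked, free_oid_set and collect_mech_attrs are constructed stand-ins, not GSS-API or gssproxy identifiers.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Constructed stand-ins for the GSS-API OID types (no krb5 headers needed). */
typedef struct { uint32_t length; void *elements; } oid_desc;
typedef struct { size_t count; oid_desc *elements; } oid_set_desc;

/* Models the default described in the report: success (0), both sets NULL. */
static uint32_t inquire_attrs_default(oid_set_desc **mech, oid_set_desc **known) {
    *mech = *known = NULL;
    return 0;
}

static void free_oid_set(oid_set_desc *s) {
    for (size_t i = 0; i < s->count; i++)
        free(s->elements[i].elements);
    free(s->elements);
    *s = (oid_set_desc){0, NULL};
}

/* Hypothetical converter: deep-copies a set; a NULL input yields an empty set. */
static int conv_oid_set_checked(const oid_set_desc *in, oid_set_desc *out) {
    *out = (oid_set_desc){0, NULL};
    if (in == NULL || in->count == 0)
        return 0;
    out->elements = calloc(in->count, sizeof(*out->elements));
    if (out->elements == NULL)
        return -1;
    out->count = in->count; /* entries are zeroed, so cleanup is safe */
    for (size_t i = 0; i < in->count; i++) {
        uint32_t len = in->elements[i].length;
        if (len == 0)
            continue;
        if ((out->elements[i].elements = malloc(len)) == NULL) {
            free_oid_set(out);
            return -1;
        }
        memcpy(out->elements[i].elements, in->elements[i].elements, len);
        out->elements[i].length = len;
    }
    return 0;
}

/* Same order as the excerpt: inquire, check the status, then convert. */
static int collect_mech_attrs(oid_set_desc *out) {
    oid_set_desc *mech, *known;
    if (inquire_attrs_default(&mech, &known) != 0)
        return -1;
    return conv_oid_set_checked(mech, out);
}
```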