git.samba.org
/
kai
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
2c46585
)
s4:gensec_gssapi: avoid delegation if s4u2self/proxy is used
author
Stefan Metzmacher
<metze@samba.org>
Fri, 25 Mar 2011 14:44:50 +0000
(15:44 +0100)
committer
Stefan Metzmacher
<metze@samba.org>
Wed, 18 May 2011 05:46:38 +0000
(07:46 +0200)
metze
source4/auth/gensec/gensec_gssapi.c
patch
|
blob
|
history
diff --git
a/source4/auth/gensec/gensec_gssapi.c
b/source4/auth/gensec/gensec_gssapi.c
index 4bdd7f88dc3d50cfbfdf92d97b3487b78b9defc4..47f47745a50d5293fab139d6969a79e6232a49b6 100644
(file)
--- a/
source4/auth/gensec/gensec_gssapi.c
+++ b/
source4/auth/gensec/gensec_gssapi.c
@@
-302,6
+302,10
@@
static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
gensec_gssapi_state = talloc_get_type(gensec_security->private_data, struct gensec_gssapi_state);
+ if (cli_credentials_get_impersonate_principal(creds)) {
+ gensec_gssapi_state->want_flags &= ~(GSS_C_DELEG_FLAG|GSS_C_DELEG_POLICY_FLAG);
+ }
+
gensec_gssapi_state->target_principal = gensec_get_target_principal(gensec_security);
if (gensec_gssapi_state->target_principal) {
name_type = GSS_C_NULL_OID;