git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bc354fb)
s4:heimdal The implied GSS_C_MUTUAL_FLAG depends on AP_OPTS_MUTUAL_REQUIRED
authorAndrew Bartlett <abartlet@samba.org>
Tue, 14 Jul 2009 03:22:38 +0000 (13:22 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 15 Jul 2009 23:23:35 +0000 (09:23 +1000)
We had previously assumed it was unconditional.  Samba3 didn't mind
very much, but Samba4's samba3-like client did, and the behaviour
differed to Win2008 behaviour.

Andrew Bartlett

source4/heimdal/lib/gssapi/krb5/accept_sec_context.c patch | blob | history

diff --git a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
index e0944852a7ea1749441b85c2c5d72a1ce6537914..8ead2bdf75e40d76fbfa1df71f8eb80d2b14c1a9 100644 (file)
--- a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
+++ b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
@@ -522,7 +522,10 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
             * Samba style get some flags (but not DCE-STYLE)
             */
            ctx->flags =
-               GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG;
+               GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG;
+           if (ap_options & AP_OPTS_MUTUAL_REQUIRED) {
+                   ctx->flags |= GSS_C_MUTUAL_FLAG;
+           }
         }
     }
 
Samba Shared Repository