s4:ntlmssp Ensure that we always negotiate signing if we negotiate sealing.

[samba.git] / source4 / auth / ntlmssp / ntlmssp_client.c

diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c
index d3c1165994cf4d2d14a7d0f3a2dfb7d9d6979786..b518fa87be45cadd0956448cbc264a4d63d83ae9 100644 (file)
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -141,14 +141,14 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
        ntlmssp_handle_neg_flags(gensec_ntlmssp_state, chal_flags, gensec_ntlmssp_state->allow_lm_key);
 
        if (gensec_ntlmssp_state->unicode) {
-               if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) {
+               if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
                        chal_parse_string = "CdUdbddB";
                } else {
                        chal_parse_string = "CdUdbdd";
                }
                auth_gen_string = "CdBBUUUBd";
        } else {
-               if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) {
+               if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
                        chal_parse_string = "CdAdbddB";
                } else {
                        chal_parse_string = "CdAdbdd";
@@ -368,6 +368,7 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
        }
        if (gensec_security->want_features & GENSEC_FEATURE_SEAL) {
+               gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
        }