git.samba.org / idra / gss-ntlmssp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1fedabd)
Always use Extedned Session Security when possible
authorSimo Sorce <simo@redhat.com>
Sun, 13 Apr 2014 06:06:32 +0000 (02:06 -0400)
committerSimo Sorce <simo@redhat.com>
Sun, 4 May 2014 21:21:06 +0000 (17:21 -0400)
MS-NLMP 3.1.5.1.1 recommends to set the extended session security flag
if LM authentication is not going to be used.

src/gss_sec_ctx.c patch | blob | history

diff --git a/src/gss_sec_ctx.c b/src/gss_sec_ctx.c
index cd1418e97cdb0e249be76df94e66d37a0da14db0..eeb97872064a40bb896fe205f0fb99b859d901df 100644 (file)
--- a/src/gss_sec_ctx.c
+++ b/src/gss_sec_ctx.c
@@ -189,6 +189,7 @@ uint32_t gssntlm_init_sec_context(uint32_t *minor_status,
         }
         if (!(sec_req & SEC_LM_OK)) {
             ctx->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
+            ctx->neg_flags |= NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY;
         }
         if (!(sec_req & SEC_EXT_SEC_OK)) {
             ctx->neg_flags &= ~NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY;
Unnamed repository; edit this file 'description' to name the repository.