diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-01-25 22:47:10 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:51:28 -0500 |
commit | 20d9dc9796e866775dd8242a47481b7bb0c8cbad (patch) | |
tree | fda26e5f4e48be93e237f181ca5b86ffc3550c3c | |
parent | 96ca571f42940b164de51fffc3980709c101a80a (diff) | |
download | samba-20d9dc9796e866775dd8242a47481b7bb0c8cbad.tar.gz samba-20d9dc9796e866775dd8242a47481b7bb0c8cbad.tar.bz2 samba-20d9dc9796e866775dd8242a47481b7bb0c8cbad.zip |
r13144: This seems to be required for Samba4 to talk to Samba4, and to get the
same session key. I need to understand this more, but it works
samba/samba, and I don't have access to windows doing AES (longhorn)
yet.
Andrew Bartlett
(This used to be commit 38809b43a5d6bd668e9cb714573dc1e72ceff092)
-rw-r--r-- | source4/heimdal/lib/gssapi/init_sec_context.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/source4/heimdal/lib/gssapi/init_sec_context.c b/source4/heimdal/lib/gssapi/init_sec_context.c index 61c020b800..be34d8b560 100644 --- a/source4/heimdal/lib/gssapi/init_sec_context.c +++ b/source4/heimdal/lib/gssapi/init_sec_context.c @@ -358,6 +358,7 @@ gsskrb5_initiator_start Checksum cksum; krb5_enctype enctype; krb5_data fwd_data; + int is_cfx; krb5_data_zero(&outbuf); krb5_data_zero(&fwd_data); @@ -486,6 +487,16 @@ gsskrb5_initiator_start enctype = (*context_handle)->auth_context->keyblock->keytype; + gsskrb5_is_cfx(*context_handle, &is_cfx); + + if (is_cfx != 0) { + kret = krb5_auth_con_addflags(gssapi_krb5_context, + (*context_handle)->auth_context, + KRB5_AUTH_CONTEXT_USE_SUBKEY, + NULL); + (*context_handle)->more_flags |= ACCEPTOR_SUBKEY; + } + /* We need to create an Authenticator */ { kret = krb5_build_authenticator (gssapi_krb5_context, |