summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-01-25 22:47:10 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:51:28 -0500
commit20d9dc9796e866775dd8242a47481b7bb0c8cbad (patch)
treefda26e5f4e48be93e237f181ca5b86ffc3550c3c
parent96ca571f42940b164de51fffc3980709c101a80a (diff)
downloadsamba-20d9dc9796e866775dd8242a47481b7bb0c8cbad.tar.gz
samba-20d9dc9796e866775dd8242a47481b7bb0c8cbad.tar.bz2
samba-20d9dc9796e866775dd8242a47481b7bb0c8cbad.zip
r13144: This seems to be required for Samba4 to talk to Samba4, and to get the
same session key. I need to understand this more, but it works samba/samba, and I don't have access to windows doing AES (longhorn) yet. Andrew Bartlett (This used to be commit 38809b43a5d6bd668e9cb714573dc1e72ceff092)
-rw-r--r--source4/heimdal/lib/gssapi/init_sec_context.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/source4/heimdal/lib/gssapi/init_sec_context.c b/source4/heimdal/lib/gssapi/init_sec_context.c
index 61c020b800..be34d8b560 100644
--- a/source4/heimdal/lib/gssapi/init_sec_context.c
+++ b/source4/heimdal/lib/gssapi/init_sec_context.c
@@ -358,6 +358,7 @@ gsskrb5_initiator_start
Checksum cksum;
krb5_enctype enctype;
krb5_data fwd_data;
+ int is_cfx;
krb5_data_zero(&outbuf);
krb5_data_zero(&fwd_data);
@@ -486,6 +487,16 @@ gsskrb5_initiator_start
enctype = (*context_handle)->auth_context->keyblock->keytype;
+ gsskrb5_is_cfx(*context_handle, &is_cfx);
+
+ if (is_cfx != 0) {
+ kret = krb5_auth_con_addflags(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ KRB5_AUTH_CONTEXT_USE_SUBKEY,
+ NULL);
+ (*context_handle)->more_flags |= ACCEPTOR_SUBKEY;
+ }
+
/* We need to create an Authenticator */
{
kret = krb5_build_authenticator (gssapi_krb5_context,