gensec: Refuse to seal if we did not negotiate to sign

Signed-off-by: Stefan Metzmacher <metze@samba.org>
author: Andrew Bartlett <abartlet@samba.org> 2011-10-15 14:56:01 +1100
committer: Andrew Bartlett <abartlet@samba.org> 2011-10-18 13:13:33 +1100
commit: 86d684e4d663141370b7332a9ab37e46f6ef68db (patch)
tree: 939b541cd18fd2c1306f06e4c6b478fdfd697766 /auth/gensec/gensec.c
parent: 09c5acdec825b9a1580f414ba19be04978aaee85 (diff)
download: samba-86d684e4d663141370b7332a9ab37e46f6ef68db.tar.gz
samba-86d684e4d663141370b7332a9ab37e46f6ef68db.tar.bz2
samba-86d684e4d663141370b7332a9ab37e46f6ef68db.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c
index c0ebc68bb5..b7f89f1d56 100644
--- a/auth/gensec/gensec.c
+++ b/auth/gensec/gensec.c
@@ -76,6 +76,9 @@ _PUBLIC_ NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security,
 	if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) {
 		return NT_STATUS_INVALID_PARAMETER;
 	}
+	if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
 
 	return gensec_security->ops->seal_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
 }
author	Andrew Bartlett <abartlet@samba.org>	2011-10-15 14:56:01 +1100
committer	Andrew Bartlett <abartlet@samba.org>	2011-10-18 13:13:33 +1100
commit	86d684e4d663141370b7332a9ab37e46f6ef68db (patch)
tree	939b541cd18fd2c1306f06e4c6b478fdfd697766 /auth/gensec/gensec.c
parent	09c5acdec825b9a1580f414ba19be04978aaee85 (diff)
download	samba-86d684e4d663141370b7332a9ab37e46f6ef68db.tar.gz samba-86d684e4d663141370b7332a9ab37e46f6ef68db.tar.bz2 samba-86d684e4d663141370b7332a9ab37e46f6ef68db.zip