W00t! Client smb signing is now working correctly with krb5 and w2k server.

Server code *should* also work (I'll check shortly). May be the odd memory
leak. Problem was we (a) weren't setting signing on in the client krb5 sessionsetup
code (b) we need to ask for a subkey... (c). The client and server need to
ask for local and remote subkeys respectively.
Thanks to Paul Nelson @ Thursby for some sage advice on this :-).
Jeremy.
(This used to be commit 3f9e3b60709df5ab755045a093e642510d4cde00)

1 files changed, 1 insertions, 1 deletions

diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index 25b7f9d948..4098b44c39 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -178,7 +178,7 @@ NTSTATUS ads_verify_ticket(ADS_STRUCT *ads, const DATA_BLOB *ticket,
 	*ap_rep = data_blob(packet.data, packet.length);
 	free(packet.data);
 
-	get_krb5_smb_session_key(context, auth_context, session_key);
+	get_krb5_smb_session_key(context, auth_context, session_key, True);
 #ifdef DEBUG_PASSWORD
 	DEBUG(10,("SMB session key (from ticket) follows:\n"));
 	dump_data(10, session_key, 16);