diff options
author | Stefan Metzmacher <metze@samba.org> | 2008-08-12 15:02:02 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2008-08-12 16:21:40 +0200 |
commit | 8c0fbbf6e927db9fdbffc28fcde0bea97c5e60e6 (patch) | |
tree | c8a36dfa01dc0d5e1e412b1dfa0d2e1d2457256b /source4/auth/gensec | |
parent | 588cc81760b5bac201afd039855f93b1592d16d4 (diff) | |
download | samba-8c0fbbf6e927db9fdbffc28fcde0bea97c5e60e6.tar.gz samba-8c0fbbf6e927db9fdbffc28fcde0bea97c5e60e6.tar.bz2 samba-8c0fbbf6e927db9fdbffc28fcde0bea97c5e60e6.zip |
gensec_gssapi: add support for GENSEC_FEATURE_NEW_SPNEGO
metze
(This used to be commit 9246924effd4d0b08ca1ef87e45ad510020df93e)
Diffstat (limited to 'source4/auth/gensec')
-rw-r--r-- | source4/auth/gensec/gensec_gssapi.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index 7ded764095..0df40dc82f 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -1177,6 +1177,31 @@ static bool gensec_gssapi_have_feature(struct gensec_security *gensec_security, if (feature & GENSEC_FEATURE_DCE_STYLE) { return gensec_gssapi_state->got_flags & GSS_C_DCE_STYLE; } + if (feature & GENSEC_FEATURE_NEW_SPNEGO) { + NTSTATUS status; + + if (!(gensec_gssapi_state->got_flags & GSS_C_INTEG_FLAG)) { + return false; + } + + if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "force_new_spnego", false)) { + return true; + } + if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "disable_new_spnego", false)) { + return false; + } + + status = gensec_gssapi_init_lucid(gensec_gssapi_state); + if (!NT_STATUS_IS_OK(status)) { + return false; + } + + if (gensec_gssapi_state->lucid->protocol == 1) { + return true; + } + + return false; + } /* We can always do async (rather than strict request/reply) packets. */ if (feature & GENSEC_FEATURE_ASYNC_REPLIES) { return true; |