diff options
| author | Stefan Metzmacher <metze@samba.org> | 2008-08-26 12:23:13 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2008-08-26 12:30:02 +0200 |
| commit | 64826077bf966c21008358b8e66f410034864fed (patch) | |
| tree | fff265d306200ca6f3ed9e0c6ad22fb14822605b /source4/heimdal/lib/gssapi | |
| parent | 467e3f7760c438cba468cc4b39c66d3ce4b79c95 (diff) | |
| download | samba-64826077bf966c21008358b8e66f410034864fed.tar.gz samba-64826077bf966c21008358b8e66f410034864fed.tar.bz2 samba-64826077bf966c21008358b8e66f410034864fed.zip | |
Revert "gsskrb5: always return an acceptor subkey"
This reverts commit 6a8b07c39558f240b89e833ecba15d8b9fc020e8.
This isn't strictly needed and will come back in the next merge
from heimdal's trunk.
metze
(This used to be commit 8ed040c8c4bed082ab74ab267090b35bb57db3f3)
Diffstat (limited to 'source4/heimdal/lib/gssapi')
| -rw-r--r-- | source4/heimdal/lib/gssapi/krb5/accept_sec_context.c | 22 |
1 files changed, 4 insertions, 18 deletions
diff --git a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c index a6f0f31246..8dbd087da6 100644 --- a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c +++ b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c @@ -520,30 +520,16 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, if(ctx->flags & GSS_C_MUTUAL_FLAG) { krb5_data outbuf; - int use_subkey = 0; _gsskrb5i_is_cfx(ctx, &is_cfx); if (is_cfx != 0 || (ap_options & AP_OPTS_USE_SUBKEY)) { - use_subkey = 1; - } else { - krb5_keyblock *rkey; - kret = krb5_auth_con_getremotesubkey(context, ctx->auth_context, &rkey); - if (kret == 0) { - kret = krb5_auth_con_setlocalsubkey(context, ctx->auth_context, rkey); - if (kret == 0) { - use_subkey = 1; - } - krb5_free_keyblock(context, rkey); - } - } - if (use_subkey) { + kret = krb5_auth_con_addflags(context, + ctx->auth_context, + KRB5_AUTH_CONTEXT_USE_SUBKEY, + NULL); ctx->more_flags |= ACCEPTOR_SUBKEY; - krb5_auth_con_addflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_USE_SUBKEY, - NULL); } kret = krb5_mk_rep(context, |