diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2009-07-14 13:22:38 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2009-07-16 09:23:35 +1000 |
| commit | 84dca625cab96f72123308d80a5aeed5fc42f0c5 (patch) | |
| tree | 26a32715bfb51d739064d2a4498ea4af235e2989 /source4/heimdal | |
| parent | bc354fb1a6fd524629434c199e2ca260a8400bb4 (diff) | |
| download | samba-84dca625cab96f72123308d80a5aeed5fc42f0c5.tar.gz samba-84dca625cab96f72123308d80a5aeed5fc42f0c5.tar.bz2 samba-84dca625cab96f72123308d80a5aeed5fc42f0c5.zip | |
s4:heimdal The implied GSS_C_MUTUAL_FLAG depends on AP_OPTS_MUTUAL_REQUIRED
We had previously assumed it was unconditional. Samba3 didn't mind
very much, but Samba4's samba3-like client did, and the behaviour
differed to Win2008 behaviour.
Andrew Bartlett
Diffstat (limited to 'source4/heimdal')
| -rw-r--r-- | source4/heimdal/lib/gssapi/krb5/accept_sec_context.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c index e0944852a7..8ead2bdf75 100644 --- a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c +++ b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c @@ -522,7 +522,10 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, * Samba style get some flags (but not DCE-STYLE) */ ctx->flags = - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; + GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; + if (ap_options & AP_OPTS_MUTUAL_REQUIRED) { + ctx->flags |= GSS_C_MUTUAL_FLAG; + } } } |