From 545c1ad1b939015b618a1a979c435dbba70845bd Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 14 Jan 2012 11:28:28 +0100 Subject: s3-gse: the server should not check for GSS_C_MUTUAL_FLAG It up to the client to ask for GSS_C_MUTUAL_FLAG, except for the dcerpc case, where the server is stricter. metze --- source3/librpc/crypto/gse.c | 6 ------ 1 file changed, 6 deletions(-) (limited to 'source3/librpc/crypto/gse.c') diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c index 5a5492f80a..c7ce38e14f 100644 --- a/source3/librpc/crypto/gse.c +++ b/source3/librpc/crypto/gse.c @@ -527,12 +527,6 @@ static NTSTATUS gse_verify_server_auth_flags(struct gse_context *gse_ctx) } /* GSS_C_MUTUAL_FLAG */ - if (gse_ctx->gss_want_flags & GSS_C_MUTUAL_FLAG) { - if (!(gse_ctx->gss_got_flags & GSS_C_MUTUAL_FLAG)) { - return NT_STATUS_ACCESS_DENIED; - } - } - /* GSS_C_DELEG_FLAG */ /* GSS_C_DELEG_POLICY_FLAG */ /* GSS_C_REPLAY_FLAG */ -- cgit