oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Match the orignal patch I got from metze, seems that DCE-STYLE is even

Browse Source 
more weirer then what I though when I merged the patch.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23388 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-07-25 09:07:49 +00:00
parent eec537e94b
commit 1ef0828640
1 changed files with 15 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
lib/gssapi/krb5/init_sec_context.c
View File

@@ -660,24 +660,29 @@ repl_mutual
*ret_flags = ctx->flags; *ret_flags = ctx->flags;
if (req_flags & GSS_C_DCE_STYLE) { if (req_flags & GSS_C_DCE_STYLE) {
int32_t con_flags; int32_t local_seq, remote_seq;
krb5_data outbuf; krb5_data outbuf;
/* Do don't do sequence number for the mk-rep */ /*
krb5_auth_con_removeflags(context, * So DCE_STYLE is strange. The client echos the seq number
ctx->auth_context, * that the server used in the server's mk_rep in its own
KRB5_AUTH_CONTEXT_DO_SEQUENCE, * mk_rep(). After when done, it resets to it's own seq number
&con_flags); * for the gss_wrap calls.
*/
kret = krb5_mk_rep(context, krb5_auth_getremoteseqnumber(context, ctx->auth_context, &remote_seq);
ctx->auth_context, krb5_auth_con_getlocalseqnumber(context, ctx->auth_context, &local_seq);
&outbuf); krb5_auth_con_setlocalseqnumber(context, ctx->auth_context, remote_seq);
krb5_auth_con_setflags(context, ctx->auth_context, con_flags);
kret = krb5_mk_rep(context, ctx->auth_context, &outbuf);
if (kret) { if (kret) {
*minor_status = kret; *minor_status = kret;
return GSS_S_FAILURE; return GSS_S_FAILURE;
} }
/* reset local seq number */
krb5_auth_con_setlocalseqnumber(context, ctx->auth_context, local_seq);
output_token->length = outbuf.length; output_token->length = outbuf.length;
output_token->value = outbuf.data; output_token->value = outbuf.data;
} }