oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

If there is a initiator subkey, copy that to acceptor subkey to match

Browse Source 
windows behavior. From Metze.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23528 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-08-14 23:29:40 +00:00
parent 3b3ffff06d
commit a48756092c
1 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
lib/gssapi/krb5/accept_sec_context.c
View File

@@ -520,16 +520,36 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
if(ctx->flags & GSS_C_MUTUAL_FLAG) { if(ctx->flags & GSS_C_MUTUAL_FLAG) {
krb5_data outbuf; krb5_data outbuf;
int use_subkey = 0;
_gsskrb5i_is_cfx(ctx, &is_cfx); _gsskrb5i_is_cfx(ctx, &is_cfx);
if (is_cfx != 0 if (is_cfx || (ap_options & AP_OPTS_USE_SUBKEY)) {
|| (ap_options & AP_OPTS_USE_SUBKEY)) { use_subkey = 1;
kret = krb5_auth_con_addflags(context, } else {
ctx->auth_context, krb5_keyblock *rkey;
KRB5_AUTH_CONTEXT_USE_SUBKEY,
NULL); /*
* If there is a initiator subkey, copy that to acceptor
* subkey to match Windows behavior
*/
kret = krb5_auth_con_getremotesubkey(context,
ctx->auth_context,
&rkey);
if (kret == 0) {
kret = krb5_auth_con_setlocalsubkey(context,
ctx->auth_context,
rkey);
if (kret == 0)
use_subkey = 1;
krb5_free_keyblock(context, rkey);
}
}
if (use_subkey) {
ctx->more_flags |= ACCEPTOR_SUBKEY; ctx->more_flags |= ACCEPTOR_SUBKEY;
krb5_auth_con_addflags(context, ctx->auth_context,
KRB5_AUTH_CONTEXT_USE_SUBKEY,
NULL);
} }
kret = krb5_mk_rep(context, kret = krb5_mk_rep(context,