oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Contributed by Andrew Bartlett:

Browse Source 
When Samba4's 'fake' GSSAPI client contacts Windows 2008, and does not
request AP_MUTUAL_REQUIRED, it does not elicit a response packet.

We had previously assumed it was unconditional.  Samba3 didn't mind
very much, but Samba4's samba3-like client did, and the behaviour
differed to Win2008 behaviour.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25328 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2009-07-15 22:18:00 +00:00
parent 452483e61c
commit de5f912e02
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/gssapi/krb5/accept_sec_context.c
View File

@@ -517,10 +517,12 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
}
/*
* Samba style get some flags (but not DCE-STYLE)
* Samba style get some flags (but not DCE-STYLE), use
* ap_options to guess the mutual flag.
*/
ctx->flags =
GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG;
ctx->flags = GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG;
if (ap_options & AP_OPTS_MUTUAL_REQUIRED)
ctx->flags |= GSS_C_MUTUAL_FLAG;
}
}