Add way to talk about MIC with SPNEGO

As agreed with MIT people, add an inquire mechanism that serves 2 roles.

On the one hand, if the spnego mechanism makes this call at all it means
it is recent enough to support forcing the mechlistMIC on if we create
an Authenticate message MIC. So remove the environment variable and
instead depend on the SPNEGO layer to call this function before the
Authenticate token is generated (usually right after the Negotiate token
has been produced).

On the other hand if this function has been called assume SPNEGO will
call again right after the authenticate message has been genrated to
know whether the mechlistMIC needs to be added.

1 files changed, 11 insertions, 0 deletions

diff --git a/src/gss_spi.c b/src/gss_spi.c
index bc681e9..a74bace 100644
--- a/src/gss_spi.c
+++ b/src/gss_spi.c
@@ -297,6 +297,17 @@ OM_uint32 gss_set_sec_context_option(OM_uint32 *minor_status,
                                           value);
 }
 
+OM_uint32 gss_inquire_sec_context_by_oid(OM_uint32 *minor_status,
+	                                 const gss_ctx_id_t context_handle,
+	                                 const gss_OID desired_object,
+	                                 gss_buffer_set_t *data_set)
+{
+    return gssntlm_inquire_sec_context_by_oid(minor_status,
+                                              context_handle,
+                                              desired_object,
+                                              data_set);
+}
+
 OM_uint32 gss_inquire_cred(OM_uint32 *minor_status,
                            gss_cred_id_t cred_handle,
                            gss_name_t *name,