author | Simo Sorce <simo@redhat.com> | 2014-04-13 01:29:08 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-05-04 17:20:05 -0400 |
commit | bac5c2e082cb9e9c251e5e425b4c56e08ecc6922 (patch) | |
tree | a9559e4e9e9dec62266889fef1cda5c80bf2820b /src | |
parent | 614ac7a00ec0f1ee21cf630aae42e9b767ebca89 (diff) | |
download | gss-ntlmssp-bac5c2e082cb9e9c251e5e425b4c56e08ecc6922.tar.gz gss-ntlmssp-bac5c2e082cb9e9c251e5e425b4c56e08ecc6922.tar.xz gss-ntlmssp-bac5c2e082cb9e9c251e5e425b4c56e08ecc6922.zip |
Return flags and time when requested
The calling application may want to check what flags were actually
negotiated.
Spnego also depends on the mechanism properly returning flags when
integrity is negotiated for MIC purposes.
Diffstat (limited to 'src')
-rw-r--r-- | src/gss_sec_ctx.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/gss_sec_ctx.c b/src/gss_sec_ctx.c
index 84f3fff..cd1418e 100644
--- a/src/gss_sec_ctx.c
+++ b/src/gss_sec_ctx.c
@@ -562,6 +562,14 @@ uint32_t gssntlm_init_sec_context(uint32_t *minor_status,
 /* in_flags all verified, assign as current flags */
 ctx->neg_flags |= in_flags;
+
+ if (ctx->neg_flags & NTLMSSP_NEGOTIATE_SIGN) {
+ ctx->gss_flags |= GSS_C_INTEG_FLAG;
+ }
+ if (ctx->neg_flags & NTLMSSP_NEGOTIATE_SEAL) {
+ ctx->gss_flags |= GSS_C_CONF_FLAG & GSS_C_INTEG_FLAG;
+ }
+
 enc_sess_key.data = encrypted_random_session_key.data;
 enc_sess_key.length = encrypted_random_session_key.length;
@@ -599,6 +607,9 @@ done:
 (retmaj != GSS_S_CONTINUE_NEEDED)) {
 gssntlm_delete_sec_context(&tmpmin, (gss_ctx_id_t *)&ctx, NULL);
 *minor_status = retmin;
+ } else {
+ if (ret_flags) *ret_flags = ctx->gss_flags;
+ if (time_rec) *time_rec = GSS_C_INDEFINITE;
 }
 *context_handle = (gss_ctx_id_t)ctx;
 if (claimant_cred_handle == GSS_C_NO_CREDENTIAL) {
@@ -1155,6 +1166,9 @@ done:
 (retmaj != GSS_S_CONTINUE_NEEDED)) {
 gssntlm_delete_sec_context(&tmpmin, (gss_ctx_id_t *)&ctx, NULL);
 *minor_status = retmin;
+ } else {
+ if (ret_flags) *ret_flags = ctx->gss_flags;
+ if (time_rec) *time_rec = GSS_C_INDEFINITE;
 }
 *context_handle = (gss_ctx_id_t)ctx;
 gssntlm_release_name(&tmpmin, (gss_name_t *)&server_name); |
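Review bot: The SEAL branch in the first hunk ORs nothing into `ctx->gss_flags`, because `GSS_C_CONF_FLAG & GSS_C_INTEG_FLAG` is the bitwise AND of two distinct single-bit flags and evaluates to 0. `GSS_C_CONF_FLAG` is therefore never reported, even when `NTLMSSP_NEGOTIATE_SEAL` was negotiated. The line should read `ctx->gss_flags |= GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG;`. As written, a caller that inspects `ret_flags` to confirm confidentiality before sending sensitive data sees the flag missing, and if SEAL were negotiated without SIGN neither flag would be set. The body of gssntlm_init_sec_context starts and ends outside the hunk.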
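Review bot: On the failure branch of the second hunk (and the identical third hunk), `*ret_flags` and `*time_rec` are never written, so a caller that passed uninitialized variables and reads them without checking the major status first gets indeterminate values. Writing safe defaults on that branch, `if (ret_flags) *ret_flags = 0;` and `if (time_rec) *time_rec = 0;`, would make the outputs deterministic. As a style point, the two new unbraced one-line `if` statements differ from the braced form used in the first hunk; `if (ret_flags) { *ret_flags = ctx->gss_flags; }` would match it. The start of the `if` condition and the rest of the `done:` cleanup are outside the hunk, so it is an inference that `ctx` is always non-NULL when the `else` runs.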
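Review bot: The third hunk returns `ctx->gss_flags` from a second `done:` block near line 1166, presumably the acceptor path, but the only visible mapping from `NTLMSSP_NEGOTIATE_SIGN`/`NTLMSSP_NEGOTIATE_SEAL` to `GSS_C_INTEG_FLAG`/`GSS_C_CONF_FLAG` is the one added inside gssntlm_init_sec_context. Unless the acceptor sets these bits somewhere outside this diff, it will report a context without integrity or confidentiality even when both were negotiated. That would undercut the SPNEGO MIC case the commit message describes. Worth confirming, and if the mapping is missing, adding the same translation after the acceptor finalizes `ctx->neg_flags`, ideally through one shared helper so the two paths cannot drift apart. The enclosing function starts and ends outside the hunk.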