diff options
author | David Woodhouse <David.Woodhouse@intel.com> | 2014-07-09 14:49:18 +0100 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-08-07 12:44:46 -0400 |
commit | 593fc9ad0c06f737c97d5e240fe70e2508c164d4 (patch) | |
tree | 3f3386c7610add28576e8a678f34f986f5bd3c6e /src | |
parent | 606a92c567e11565215d80e7e1424092c8eb0bde (diff) | |
download | gss-ntlmssp-593fc9ad0c06f737c97d5e240fe70e2508c164d4.tar.gz gss-ntlmssp-593fc9ad0c06f737c97d5e240fe70e2508c164d4.tar.xz gss-ntlmssp-593fc9ad0c06f737c97d5e240fe70e2508c164d4.zip |
Move local key and flags computations to the end
These can be safely done later and are in the way here.
We're going to want to use these with winbind auth, *after* it
has computed the auth message.
Diffstat (limited to 'src')
-rw-r--r-- | src/gss_sec_ctx.c | 34 |
1 files changed, 17 insertions, 17 deletions
diff --git a/src/gss_sec_ctx.c b/src/gss_sec_ctx.c index 8e43033..89972e6 100644 --- a/src/gss_sec_ctx.c +++ b/src/gss_sec_ctx.c @@ -609,26 +609,9 @@ uint32_t gssntlm_init_sec_context(uint32_t *minor_status, } } - if (protect) { - retmin = ntlm_signseal_keys(in_flags, true, - &ctx->exported_session_key, - &ctx->crypto_state); - if (retmin) { - retmaj = GSS_S_FAILURE; - goto done; - } - } - /* in_flags all verified, assign as current flags */ ctx->neg_flags |= in_flags; - if (ctx->neg_flags & NTLMSSP_NEGOTIATE_SIGN) { - ctx->gss_flags |= GSS_C_INTEG_FLAG; - } - if (ctx->neg_flags & NTLMSSP_NEGOTIATE_SEAL) { - ctx->gss_flags |= GSS_C_CONF_FLAG & GSS_C_INTEG_FLAG; - } - enc_sess_key.data = encrypted_random_session_key.data; enc_sess_key.length = encrypted_random_session_key.length; @@ -662,6 +645,23 @@ uint32_t gssntlm_init_sec_context(uint32_t *minor_status, ctx->int_flags |= NTLMSSP_CTX_FLAG_AUTH_WITH_MIC; } + if (protect) { + retmin = ntlm_signseal_keys(in_flags, true, + &ctx->exported_session_key, + &ctx->crypto_state); + if (retmin) { + retmaj = GSS_S_FAILURE; + goto done; + } + } + + if (ctx->neg_flags & NTLMSSP_NEGOTIATE_SIGN) { + ctx->gss_flags |= GSS_C_INTEG_FLAG; + } + if (ctx->neg_flags & NTLMSSP_NEGOTIATE_SEAL) { + ctx->gss_flags |= GSS_C_CONF_FLAG & GSS_C_INTEG_FLAG; + } + ctx->stage = NTLMSSP_STAGE_DONE; output_token->value = malloc(ctx->auth_msg.length); |