diff options
author | Stefan Metzmacher <metze@samba.org> | 2016-09-01 11:00:54 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2016-10-26 11:20:12 +0200 |
commit | 5204ad6a14d4ff4ecb5ed38e2a8680426bb5ed52 (patch) | |
tree | 67eb8ab6da61dd6d21bd8d4c0cbb302b0fa304ca /auth/gensec/gensec_start.c | |
parent | 5db81a11013541eb9c543501e37d670471727cee (diff) | |
download | samba-5204ad6a14d4ff4ecb5ed38e2a8680426bb5ed52.tar.gz |
auth/gensec: only require GENSEC_FEATURE_SIGN for DCERPC_AUTH_LEVEL_INTEGRITY as client
On the server this check is deferred to the first request.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth/gensec/gensec_start.c')
-rw-r--r-- | auth/gensec/gensec_start.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c index 1e616277dad..89a7a9b1ea5 100644 --- a/auth/gensec/gensec_start.c +++ b/auth/gensec/gensec_start.c @@ -742,7 +742,9 @@ _PUBLIC_ NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_s gensec_want_feature(gensec_security, GENSEC_FEATURE_DCE_STYLE); gensec_want_feature(gensec_security, GENSEC_FEATURE_ASYNC_REPLIES); if (auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) { - gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN); + if (gensec_security->gensec_role == GENSEC_CLIENT) { + gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN); + } } else if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN); gensec_want_feature(gensec_security, GENSEC_FEATURE_SEAL); |