Fix ads_set_sasl_wrap_flags to only change sasl flags

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/libads/ads_proto.h b/source3/libads/ads_proto.h
index cd9c1082681fa6fbc3b26686c35937587b3f0457..6cdde0cf6ebb25adb69b4974efb4451683a35b73 100644 (file)
--- a/source3/libads/ads_proto.h
+++ b/source3/libads/ads_proto.h
@@ -47,7 +47,7 @@ ADS_STRUCT *ads_init(const char *realm,
                     const char *workgroup,
                     const char *ldap_server,
                     enum ads_sasl_state_e sasl_state);
-bool ads_set_sasl_wrap_flags(ADS_STRUCT *ads, int flags);
+bool ads_set_sasl_wrap_flags(ADS_STRUCT *ads, unsigned flags);
 void ads_destroy(ADS_STRUCT **ads);
 
 /* The following definitions come from libads/disp_sec.c  */

diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c
index 043a1b2124749ae64428eded918fa9e7f3e633bf..67a9a7cf75e1ec556b91ab1e9e097f9b0975e2d9 100644 (file)
--- a/source3/libads/ads_struct.c
+++ b/source3/libads/ads_struct.c
@@ -176,13 +176,17 @@ ADS_STRUCT *ads_init(const char *realm,
 /****************************************************************
 ****************************************************************/
 
-bool ads_set_sasl_wrap_flags(ADS_STRUCT *ads, int flags)
+bool ads_set_sasl_wrap_flags(ADS_STRUCT *ads, unsigned flags)
 {
+       unsigned other_flags;
+
        if (!ads) {
                return false;
        }
 
-       ads->auth.flags = flags;
+       other_flags = ads->auth.flags & ~(ADS_AUTH_SASL_SIGN|ADS_AUTH_SASL_SEAL);
+
+       ads->auth.flags = flags | other_flags;
 
        return true;
 }