s4:rpc_server: tell the gensec layer that we want to do header signing

Note: header signing is still off by default, as the gensec backends
      don't support it together with seal yet.

metze

diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index 52d5631cfd1572937eb448a3b3f5b823e5e66518..bef7e4be78134b94967ffa67a9a95e053fc2c2db 100644 (file)
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -95,6 +95,10 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
                return false;
        }
 
+       if (call->conn->state_flags & DCESRV_CALL_STATE_FLAG_HEADER_SIGNING) {
+               gensec_want_feature(auth->gensec_security, GENSEC_FEATURE_SIGN_PKT_HEADER);
+       }
+
        return true;
 }