r1365: in SPNEGO_SERVER_TARG we should not check the spnego_negResult

because the client don't send this

metze
(This used to be commit b1217a4ef6592082bb02fd0596a0563bacdf1d8e)

diff --git a/source4/libcli/auth/spnego.c b/source4/libcli/auth/spnego.c
index 02bc9043f5143906a3200547a9141abaf1b727eb..aa0f83700d09b5e1eb2904a82c1e79995d6de37e 100644 (file)
--- a/source4/libcli/auth/spnego.c
+++ b/source4/libcli/auth/spnego.c
@@ -340,10 +340,6 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
                                  spnego_state->expected_packet));
                        return NT_STATUS_INVALID_PARAMETER;
                }
-       
-               if (spnego.negTokenTarg.negResult == SPNEGO_REJECT) {
-                       return NT_STATUS_ACCESS_DENIED;
-               }
                
                if (spnego.negTokenTarg.responseToken.length) {
                        nt_status = gensec_update(spnego_state->sub_sec_security,
@@ -355,11 +351,6 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
                        nt_status = NT_STATUS_OK;
                }
                
-               if (NT_STATUS_IS_OK(nt_status) 
-                   && (spnego.negTokenTarg.negResult != SPNEGO_ACCEPT_COMPLETED)) {
-                       nt_status = NT_STATUS_INVALID_PARAMETER;
-               }
-               
                spnego_state->result = spnego.negTokenTarg.negResult;
                spnego_free_data(&spnego);