git.samba.org / kai / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 66d8da1)
Revert "gsskrb5: always return an acceptor subkey"
authorStefan Metzmacher <metze@samba.org>
Tue, 26 Aug 2008 10:23:13 +0000 (12:23 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 26 Aug 2008 10:30:02 +0000 (12:30 +0200)
This reverts commit 6a8b07c39558f240b89e833ecba15d8b9fc020e8.

This isn't strictly needed and will come back in the next merge
from heimdal's trunk.

metze

source/heimdal/lib/gssapi/krb5/accept_sec_context.c patch | blob | history

diff --git a/source/heimdal/lib/gssapi/krb5/accept_sec_context.c b/source/heimdal/lib/gssapi/krb5/accept_sec_context.c
index a6f0f31246c03b7772eb0fd42b1cbdbd4e8bea22..8dbd087da62669129a0c6896630c27544c78ffac 100644 (file)
--- a/source/heimdal/lib/gssapi/krb5/accept_sec_context.c
+++ b/source/heimdal/lib/gssapi/krb5/accept_sec_context.c
@@ -520,30 +520,16 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
     
     if(ctx->flags & GSS_C_MUTUAL_FLAG) {
        krb5_data outbuf;
-       int use_subkey = 0;
            
        _gsskrb5i_is_cfx(ctx, &is_cfx);
            
        if (is_cfx != 0 
            || (ap_options & AP_OPTS_USE_SUBKEY)) {
-           use_subkey = 1;
-       } else {
-           krb5_keyblock *rkey;
-           kret = krb5_auth_con_getremotesubkey(context, ctx->auth_context, &rkey);
-           if (kret == 0) {
-               kret = krb5_auth_con_setlocalsubkey(context, ctx->auth_context, rkey);
-               if (kret == 0) {
-                   use_subkey = 1;
-               }
-               krb5_free_keyblock(context, rkey);
-           }
-       }
-       if (use_subkey) {
+           kret = krb5_auth_con_addflags(context,
+                                         ctx->auth_context,
+                                         KRB5_AUTH_CONTEXT_USE_SUBKEY,
+                                         NULL);
            ctx->more_flags |= ACCEPTOR_SUBKEY;
-           krb5_auth_con_addflags(context,
-                                  ctx->auth_context,
-                                  KRB5_AUTH_CONTEXT_USE_SUBKEY,
-                                  NULL);
        }
            
        kret = krb5_mk_rep(context,
Kai's WIP code