auth/gensec: call gensec_verify_features() also after update_recv() in gensec_update_ev()
author Stefan Metzmacher <metze@samba.org>
Sat, 13 May 2017 00:25:44 +0000 (02:25 +0200)
committer Andrew Bartlett <abartlet@samba.org>
Sun, 21 May 2017 19:05:08 +0000 (21:05 +0200)
This is not a real problem until now, because the only backends with update_send()/recv()
are "schannel" (which only supports AUTH_LEVEL_{INTEGRITY,PRIVACY}) and
"naclrpc_as_system" (which doesn't support any protection besides using unix
domain sockets).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
auth/gensec/gensec.c

index 6cc82e611761cceee86a7106e773f0e3db48dcc1..23d762b2a73e63f088fa1af3a751b0f36f36dd7e 100644 (file)
@@ -397,6 +397,19 @@ _PUBLIC_ NTSTATUS gensec_update_ev(struct gensec_security *gensec_security,
                goto fail;
        }
        status = ops->update_recv(subreq, out_mem_ctx, out);
+       if (!NT_STATUS_IS_OK(status)) {
+               goto fail;
+       }
+
+       /*
+        * Because callers using the
+        * gensec_start_mech_by_auth_type() never call
+        * gensec_want_feature(), it isn't sensible for them
+        * to have to call gensec_have_feature() manually, and
+        * these are not points of negotiation, but are
+        * asserted by the client
+        */
+       status = gensec_verify_features(gensec_security);
  fail:
        TALLOC_FREE(frame);
        return status;
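Review bot: when gensec_verify_features() fails after a successful update_recv(), control falls through to the fail: label with out already filled in by update_recv(subreq, out_mem_ctx, out), so the caller receives an error status together with a final token that still lives on out_mem_ctx. Consider resetting the output before returning in that case, or saying in the comment that callers must discard out on any non-OK status. Separately, the added `if (!NT_STATUS_IS_OK(status)) goto fail;` means verification is skipped for every non-OK status from update_recv(), not only for hard errors; that looks intended, but the comment explains only why verification is done here and not that it runs solely once update_recv() has returned OK, and one sentence stating that would help the next reader.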