From 76693c197adff1cebdd30837310a89c95f3ce4ee Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Sat, 13 May 2017 02:25:44 +0200
Subject: [PATCH] auth/gensec: call gensec_verify_features() also after update_recv() in gensec_update_ev()

This is no a real problem until now, because the only backends with update_send()/recv() are "schannel" (which only supports AUTH_LEVEL_{INTEGRITY,PRIVACY}) and "naclrpc_as_system" (which doesn't support any protection beside using unix domain sockets).

Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
---
auth/gensec/gensec.c | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c
index 6cc82e61176..23d762b2a73 100644
--- a/auth/gensec/gensec.c
+++ b/auth/gensec/gensec.c
@@ -397,6 +397,19 @@ _PUBLIC_ NTSTATUS gensec_update_ev(struct gensec_security *gensec_security,
 goto fail;
 }
 status = ops->update_recv(subreq, out_mem_ctx, out);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
+
+ /*
+ * Because callers using the
+ * gensec_start_mech_by_auth_type() never call
+ * gensec_want_feature(), it isn't sensible for them
+ * to have to call gensec_have_feature() manually, and
+ * these are not points of negotiation, but are
+ * asserted by the client
+ */
+ status = gensec_verify_features(gensec_security);
 fail:
 TALLOC_FREE(frame);
 return status;
--
2.34.1
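Review bot: When gensec_verify_features() fails after update_recv() has succeeded, `out` has already been filled on out_mem_ctx and is returned together with the error status. A caller that reads the blob before checking the status would then hold a final token for a session whose required protection was not met. If no caller relies on that, and assuming `out` is never NULL here, consider clearing it before falling into `fail:`, e.g. `if (!NT_STATUS_IS_OK(status)) { data_blob_free(out); }`. The added comment explains why callers are not asked to check, but not what is enforced; a first line such as `/* Do not report success unless the features the caller required are actually provided. */` would state the invariant. gensec_update_ev() starts and ends outside the hunk, so the synchronous update() path could not be compared.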