svn commit: lorikeet r283 - in
branches/tmp/heimdal-gssapi/lib/gssapi: .
abartlet at samba.org
abartlet at samba.org
Sat May 14 07:04:50 GMT 2005
Author: abartlet
Date: 2005-05-14 07:04:50 +0000 (Sat, 14 May 2005)
New Revision: 283
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=283
Log:
More DCE_STYLE work:
Match the client code in setting the sequence number for both ends of
the GSSAPI state.
Andrew Bartlett
Modified:
branches/tmp/heimdal-gssapi/lib/gssapi/accept_sec_context.c
Changeset:
Modified: branches/tmp/heimdal-gssapi/lib/gssapi/accept_sec_context.c
===================================================================
--- branches/tmp/heimdal-gssapi/lib/gssapi/accept_sec_context.c 2005-05-11 13:31:40 UTC (rev 282)
+++ branches/tmp/heimdal-gssapi/lib/gssapi/accept_sec_context.c 2005-05-14 07:04:50 UTC (rev 283)
@@ -498,6 +498,7 @@
krb5_error_code kret;
krb5_data inbuf;
OM_uint32 r_seq_number;
+ OM_uint32 l_seq_number;
/* We know it's GSS_C_DCE_STYLE so we don't need to decapsulate the AP_REP */
inbuf.length = input_token->length;
@@ -508,6 +509,15 @@
* and then reset the remote seq_number to the old value
*/
{
+ kret = krb5_auth_con_getlocalseqnumber(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ &l_seq_number);
+ if (kret) {
+ gssapi_krb5_set_error_string ();
+ *minor_status = kret;
+ return GSS_S_FAILURE;
+ }
+
kret = krb5_auth_getremoteseqnumber(gssapi_krb5_context,
(*context_handle)->auth_context,
&r_seq_number);
@@ -516,6 +526,15 @@
*minor_status = kret;
return GSS_S_FAILURE;
}
+
+ kret = krb5_auth_con_setremoteseqnumber(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ l_seq_number);
+ if (kret) {
+ gssapi_krb5_set_error_string ();
+ *minor_status = kret;
+ return GSS_S_FAILURE;
+ }
}
/* We need to verify the AP_REP */
More information about the samba-cvs
mailing list