svn commit: lorikeet r283 - in branches/tmp/heimdal-gssapi/lib/gssapi: .

[abartlet at samba.org]

Author: abartlet
Date: 2005-05-14 07:04:50 +0000 (Sat, 14 May 2005)
New Revision: 283

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=283

Log:
More DCE_STYLE work:

Match the client code in setting the sequence number for both ends of
the GSSAPI state.

Andrew Bartlett

Modified:
   branches/tmp/heimdal-gssapi/lib/gssapi/accept_sec_context.c


Changeset:
Modified: branches/tmp/heimdal-gssapi/lib/gssapi/accept_sec_context.c
===================================================================
--- branches/tmp/heimdal-gssapi/lib/gssapi/accept_sec_context.c	2005-05-11 13:31:40 UTC (rev 282)
+++ branches/tmp/heimdal-gssapi/lib/gssapi/accept_sec_context.c	2005-05-14 07:04:50 UTC (rev 283)
@@ -498,6 +498,7 @@
 	krb5_error_code kret;
 	krb5_data inbuf;
 	OM_uint32 r_seq_number;
+	OM_uint32 l_seq_number;
 	
 	/* We know it's GSS_C_DCE_STYLE so we don't need to decapsulate the AP_REP */
 	inbuf.length	= input_token->length;
@@ -508,6 +509,15 @@
 	 * and then reset the remote seq_number to the old value 
 	 */
 	{
+		kret = krb5_auth_con_getlocalseqnumber(gssapi_krb5_context,
+						    (*context_handle)->auth_context,
+						    &l_seq_number);
+		if (kret) {
+			gssapi_krb5_set_error_string ();
+			*minor_status = kret;
+			return GSS_S_FAILURE;
+		}
+
 		kret = krb5_auth_getremoteseqnumber(gssapi_krb5_context,
 						    (*context_handle)->auth_context,
 						    &r_seq_number);
@@ -516,6 +526,15 @@
 			*minor_status = kret;
 			return GSS_S_FAILURE;
 		}
+
+		kret = krb5_auth_con_setremoteseqnumber(gssapi_krb5_context,
+						    (*context_handle)->auth_context,
+						    l_seq_number);
+		if (kret) {
+			gssapi_krb5_set_error_string ();
+			*minor_status = kret;
+			return GSS_S_FAILURE;
+		}
 	}
 
 	/* We need to verify the AP_REP */