Codebase list cyrus-sasl2 / debian/2.1.25.dfsg1-13 debian / patches / 0032-revert_1.103_revision_to_unbreak_GSSAPI.patch
debian/2.1.25.dfsg1-13

Tree @debian/2.1.25.dfsg1-13 (Download .tar.gz)

0032-revert_1.103_revision_to_unbreak_GSSAPI.patch @debian/2.1.25.dfsg1-13raw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
--- a/plugins/gssapi.c
+++ b/plugins/gssapi.c
@@ -1480,10 +1480,10 @@ static int gssapi_client_mech_step(void
 	}
 
 	/* Setup req_flags properly */
-	req_flags = GSS_C_INTEG_FLAG;
+	req_flags = GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG;
 	if (params->props.max_ssf > params->external_ssf) {
 	    /* We are requesting a security layer */
-	    req_flags |= GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG;
+	    req_flags |= GSS_C_INTEG_FLAG;
 	    /* Any SSF bigger than 1 is confidentiality. */
 	    /* Let's check if the client of the API requires confidentiality,
 	       and it wasn't already provided by an external layer */