sbonazzo / rpms / cyrus-sasl

Forked from rpms/cyrus-sasl 2 years ago
Clone

Blame SOURCES/cyrus-sasl-2.1.26-gssapi-non-encrypt.patch

b9abc1
diff -up cyrus-sasl-2.1.26/plugins/gssapi.c.gssapi_non_encrypt cyrus-sasl-2.1.26/plugins/gssapi.c
b9abc1
--- cyrus-sasl-2.1.26/plugins/gssapi.c.gssapi_non_encrypt	2015-05-19 14:57:57.091212254 +0200
b9abc1
+++ cyrus-sasl-2.1.26/plugins/gssapi.c	2015-05-19 15:01:41.681011361 +0200
b9abc1
@@ -1159,19 +1159,18 @@ gssapi_server_mech_ssfreq(context_t *tex
b9abc1
     }
b9abc1
 
b9abc1
     layerchoice = (int)(((char *)(output_token->value))[0]);
b9abc1
-    if (layerchoice == LAYER_NONE &&
b9abc1
-	(text->qop & LAYER_NONE)) { /* no encryption */
b9abc1
+	if (!(layerchoice & (LAYER_INTEGRITY | LAYER_CONFIDENTIALITY)) &&
b9abc1
+	     (text->qop & LAYER_NONE)) { /* no encryption */
b9abc1
 	oparams->encode = NULL;
b9abc1
 	oparams->decode = NULL;
b9abc1
 	oparams->mech_ssf = 0;
b9abc1
-    } else if (layerchoice == LAYER_INTEGRITY &&
b9abc1
+	} else if ((layerchoice & LAYER_INTEGRITY) &&
b9abc1
 	       (text->qop & LAYER_INTEGRITY)) { /* integrity */
b9abc1
 	oparams->encode = &gssapi_integrity_encode;
b9abc1
 	oparams->decode = &gssapi_decode;
b9abc1
 	oparams->mech_ssf = 1;
b9abc1
-    } else if ((layerchoice == LAYER_CONFIDENTIALITY ||
b9abc1
-		/* For compatibility with broken clients setting both bits */
b9abc1
-		layerchoice == (LAYER_CONFIDENTIALITY|LAYER_INTEGRITY)) &&
b9abc1
+	} else if (/* For compatibility with broken clients setting both bits */
b9abc1
+		   (layerchoice & (LAYER_CONFIDENTIALITY | LAYER_INTEGRITY)) &&
b9abc1
 	       (text->qop & LAYER_CONFIDENTIALITY)) { /* privacy */
b9abc1
 	oparams->encode = &gssapi_privacy_encode;
b9abc1
 	oparams->decode = &gssapi_decode;