Blame SOURCES/cyrus-sasl-2.1.26-revert-gssapi-flags.patch

98b3ea
--- cyrus-sasl2.orig/plugins/gssapi.c
98b3ea
+++ cyrus-sasl2/plugins/gssapi.c
98b3ea
@@ -1583,10 +1583,10 @@ static int gssapi_client_mech_step(void
98b3ea
 	}
98b3ea
 
98b3ea
 	/* Setup req_flags properly */
98b3ea
-	req_flags = GSS_C_INTEG_FLAG;
98b3ea
+	req_flags = GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG;
98b3ea
 	if (params->props.max_ssf > params->external_ssf) {
98b3ea
 	    /* We are requesting a security layer */
98b3ea
-	    req_flags |= GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG;
98b3ea
+	    req_flags |= GSS_C_INTEG_FLAG;
98b3ea
 	    /* Any SSF bigger than 1 is confidentiality. */
98b3ea
 	    /* Let's check if the client of the API requires confidentiality,
98b3ea
 	       and it wasn't already provided by an external layer */
98b3ea