From f0afefefe41b0f8c19392f05476eb03d7911958b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 2 Sep 2016 08:20:37 +0200
Subject: [PATCH] s4:gensec_gssapi: pass gss_got_flags to gssapi_get_sig_size()
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

We need to calculate the signature length based on the negotiated
flags. This is most important on the server side where,
gss_accept_sec_context() doesn't get gss_want_flags, but fills
gss_got_flags.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---
 source4/auth/gensec/gensec_gssapi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index e0b2bf2598e..59b870f21de 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -1358,7 +1358,7 @@ static size_t gensec_gssapi_sig_size(struct gensec_security *gensec_security, si
 
 	sig_size = gssapi_get_sig_size(gensec_gssapi_state->gssapi_context,
 				       gensec_gssapi_state->gss_oid,
-				       gensec_gssapi_state->gss_want_flags,
+				       gensec_gssapi_state->gss_got_flags,
 				       data_size);
 
 	gensec_gssapi_state->sig_size = sig_size;
-- 
2.11.4.GIT