setting flags in verify MIC too late

We've been force setting mutual authentication in the verify mic SM callback.  We need to set mutual authentication prior to sending the flags token.

diff --git a/mech_eap/init_sec_context.c b/mech_eap/init_sec_context.c
index 60d15ba..fb2f6c8 100644 (file)
--- a/mech_eap/init_sec_context.c
+++ b/mech_eap/init_sec_context.c
@@ -1101,11 +1101,6 @@ eapGssSmInitAcceptorMIC(OM_uint32 *minor,
     if (GSS_ERROR(major))
         return major;
 
-    /*
-     * As a temporary measure, force mutual authentication until channel binding is
-     * more widely deployed.
-     */
-    ctx->gssFlags |= GSS_C_MUTUAL_FLAG;
     GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_ESTABLISHED);
 
     *minor = 0;