Force mutual flag on the context prior to sending the flags token until channel binding is better deployed.
unsigned char wireFlags[4];
gss_buffer_desc flagsBuf;
unsigned char wireFlags[4];
gss_buffer_desc flagsBuf;
+ /*
+ * As a temporary measure, force mutual authentication until channel binding is
+ * more widely deployed.
+ */
+ ctx->gssFlags |= GSS_C_MUTUAL_FLAG;
store_uint32_be(ctx->gssFlags & GSSEAP_WIRE_FLAGS_MASK, wireFlags);
flagsBuf.length = sizeof(wireFlags);
store_uint32_be(ctx->gssFlags & GSSEAP_WIRE_FLAGS_MASK, wireFlags);
flagsBuf.length = sizeof(wireFlags);