diff options
author | Jeff Layton <jlayton@redhat.com> | 2007-12-30 23:03:02 -0500 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2007-12-30 23:03:02 -0500 |
commit | 1a67570c76402b36695cd0725e28649ee8fe830d (patch) | |
tree | 77e71577106a8e0c2d2d61b032a8dd7437f3deb3 /fs | |
parent | 1d9a8852c365fb7f8db0f8364210138985f457b8 (diff) |
[CIFS] use krb5 session key from first SMB session after a NegProt
Currently, any new kerberos SMB session overwrites the server's session
key. The session key should only be set by the first SMB session set up
on the socket.
Signed-off-by: Jeff Layton <jlayton@tupile.poochiereds.net>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/cifs/sess.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index d0cb469daab7..ce698d5f6107 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c | |||
@@ -528,9 +528,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, | |||
528 | rc = -EOVERFLOW; | 528 | rc = -EOVERFLOW; |
529 | goto ssetup_exit; | 529 | goto ssetup_exit; |
530 | } | 530 | } |
531 | ses->server->mac_signing_key.len = msg->sesskey_len; | 531 | if (first_time) { |
532 | memcpy(ses->server->mac_signing_key.data.krb5, msg->data, | 532 | ses->server->mac_signing_key.len = msg->sesskey_len; |
533 | msg->sesskey_len); | 533 | memcpy(ses->server->mac_signing_key.data.krb5, |
534 | msg->data, msg->sesskey_len); | ||
535 | } | ||
534 | pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC; | 536 | pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC; |
535 | capabilities |= CAP_EXTENDED_SECURITY; | 537 | capabilities |= CAP_EXTENDED_SECURITY; |
536 | pSMB->req.Capabilities = cpu_to_le32(capabilities); | 538 | pSMB->req.Capabilities = cpu_to_le32(capabilities); |