mirror of
https://github.com/adulau/aha.git
synced 2024-12-28 11:46:19 +00:00
[CIFS] use krb5 session key from first SMB session after a NegProt
Currently, any new kerberos SMB session overwrites the server's session key. The session key should only be set by the first SMB session set up on the socket. Signed-off-by: Jeff Layton <jlayton@tupile.poochiereds.net> Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
1d9a8852c3
commit
1a67570c76
1 changed files with 5 additions and 3 deletions
|
@ -528,9 +528,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
|
|||
rc = -EOVERFLOW;
|
||||
goto ssetup_exit;
|
||||
}
|
||||
ses->server->mac_signing_key.len = msg->sesskey_len;
|
||||
memcpy(ses->server->mac_signing_key.data.krb5, msg->data,
|
||||
msg->sesskey_len);
|
||||
if (first_time) {
|
||||
ses->server->mac_signing_key.len = msg->sesskey_len;
|
||||
memcpy(ses->server->mac_signing_key.data.krb5,
|
||||
msg->data, msg->sesskey_len);
|
||||
}
|
||||
pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
|
||||
capabilities |= CAP_EXTENDED_SECURITY;
|
||||
pSMB->req.Capabilities = cpu_to_le32(capabilities);
|
||||
|
|
Loading…
Reference in a new issue