[linux-cifs-client] [PATCH] [CIFS] only use krb5 session key from
first SMB session on socket
Jeff Layton
jlayton at redhat.com
Tue Dec 18 12:26:50 GMT 2007
Currently, any new kerberos SMB session overwrites the server's session
key. The session key should only be set by the first SMB session set up
on the socket.
Signed-off-by: Jeff Layton <jlayton at redhat.com>
---
fs/cifs/sess.c | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 74ecbc1..d2153ab 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -528,9 +528,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
rc = -EOVERFLOW;
goto ssetup_exit;
}
- ses->server->mac_signing_key.len = msg->sesskey_len;
- memcpy(ses->server->mac_signing_key.data.krb5, msg->data,
- msg->sesskey_len);
+ if (first_time) {
+ ses->server->mac_signing_key.len = msg->sesskey_len;
+ memcpy(ses->server->mac_signing_key.data.krb5,
+ msg->data, msg->sesskey_len);
+ }
pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
capabilities |= CAP_EXTENDED_SECURITY;
pSMB->req.Capabilities = cpu_to_le32(capabilities);
--
1.5.3.6
More information about the linux-cifs-client
mailing list