[linux-cifs-client] [PATCH] [CIFS] only use krb5 session key from first SMB session on socket

simo idra at samba.org
Tue Dec 18 14:22:16 GMT 2007


On Tue, 2007-12-18 at 16:40 +0300, Q (Igor Mammedov) wrote:
> Jeff Layton wrote:
> > Currently, any new kerberos SMB session overwrites the server's session
> > key. The session key should only be set by the first SMB session set up
> > on the socket.
> 
> It could be better don't do upcall at all in this case?

It's just the signing key that is shared on the same TCP connection, we
still need to authenticate different users in a multi-user setup.

I guess we may avoid doing a new session setup and just skip to the tree
connect if the same user already has an open session. But I guess this
is just optimization.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>



More information about the linux-cifs-client mailing list