[linux-cifs-client] [PATCH] cifs: explicitly revoke SPNEGO key after session setup

Jeff Layton jlayton at redhat.com
Tue Aug 5 18:03:03 GMT 2008


The SPNEGO blob returned by an upcall can only be used once. Explicitly
revoke it to make sure that we never pick it up again after session
setup exits.

This doesn't seem to be that big an issue on more recent kernels, but
older kernels seem to link keys into the session keyring by default.
That said, explicitly revoking the key seems like a reasonable thing
to do here.

Signed-off-by: Jeff Layton <jlayton at redhat.com>
---
 fs/cifs/sess.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 661f27dcf1a5a1090bcd4284bed55fdaae8a9043.diff
Type: text/x-patch
Size: 467 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux-cifs-client/attachments/20080805/4204d9b5/661f27dcf1a5a1090bcd4284bed55fdaae8a9043.bin


More information about the linux-cifs-client mailing list