From 1a67570c76402b36695cd0725e28649ee8fe830d Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Mon, 31 Dec 2007 04:03:02 +0000 Subject: [CIFS] use krb5 session key from first SMB session after a NegProt Currently, any new kerberos SMB session overwrites the server's session key. The session key should only be set by the first SMB session set up on the socket. Signed-off-by: Jeff Layton Signed-off-by: Steve French --- fs/cifs/sess.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'fs') diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index d0cb469daab7..ce698d5f6107 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -528,9 +528,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, rc = -EOVERFLOW; goto ssetup_exit; } - ses->server->mac_signing_key.len = msg->sesskey_len; - memcpy(ses->server->mac_signing_key.data.krb5, msg->data, - msg->sesskey_len); + if (first_time) { + ses->server->mac_signing_key.len = msg->sesskey_len; + memcpy(ses->server->mac_signing_key.data.krb5, + msg->data, msg->sesskey_len); + } pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC; capabilities |= CAP_EXTENDED_SECURITY; pSMB->req.Capabilities = cpu_to_le32(capabilities); -- cgit v1.2.1