diff options
author | Stefan Metzmacher <metze@samba.org> | 2008-09-11 06:47:06 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2008-09-23 11:30:02 +0200 |
commit | 588af6901b019d414f4319ea9a1f40cb3d0e140e (patch) | |
tree | c2388db173c96b400ebe2a5853133348fadcf637 | |
parent | 02cffed79dc74541ac9e9c7835573e8dfad1bb05 (diff) | |
download | samba-588af6901b019d414f4319ea9a1f40cb3d0e140e.tar.gz samba-588af6901b019d414f4319ea9a1f40cb3d0e140e.tar.bz2 samba-588af6901b019d414f4319ea9a1f40cb3d0e140e.zip |
gensec_krb5: only give away the session key, when the authentication is done
metze
-rw-r--r-- | source4/auth/gensec/gensec_krb5.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index 47df2ccfcc..1f54043038 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -515,6 +515,10 @@ static NTSTATUS gensec_krb5_session_key(struct gensec_security *gensec_security, krb5_keyblock *skey; krb5_error_code err = -1; + if (gensec_krb5_state->state_position != GENSEC_KRB5_DONE) { + return NT_STATUS_NO_USER_SESSION_KEY; + } + if (gensec_krb5_state->session_key.data) { *session_key = gensec_krb5_state->session_key; return NT_STATUS_OK; |