summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Beck <gbeck@sernet.de>2012-03-06 15:45:37 +0100
committerStefan Metzmacher <metze@samba.org>2012-03-07 10:57:27 +0100
commit7e9a4c6c11b90a27b570158e33b37efed3a4998e (patch)
tree62f677dc03f7af2341675c0946b33224bbee95ed
parentb47959a5c5577b4a6fb3003c7d4c3caf5c46ab93 (diff)
downloadsamba-7e9a4c6c11b90a27b570158e33b37efed3a4998e.tar.gz
samba-7e9a4c6c11b90a27b570158e33b37efed3a4998e.tar.bz2
samba-7e9a4c6c11b90a27b570158e33b37efed3a4998e.zip
s4:libcli/smb2: allow smb2_session_setup_spnego to handle reauth
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r--source4/libcli/smb2/session.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c
index d727d552b1..2657266401 100644
--- a/source4/libcli/smb2/session.c
+++ b/source4/libcli/smb2/session.c
@@ -76,6 +76,7 @@ struct smb2_session_setup_spnego_state {
struct smb2_session *session;
struct cli_credentials *credentials;
uint64_t previous_session_id;
+ bool reauth;
NTSTATUS gensec_status;
DATA_BLOB in_secblob;
DATA_BLOB out_secblob;
@@ -95,6 +96,7 @@ struct tevent_req *smb2_session_setup_spnego_send(
{
struct tevent_req *req;
struct smb2_session_setup_spnego_state *state;
+ uint64_t current_session_id;
const char *chosen_oid;
struct tevent_req *subreq;
NTSTATUS status;
@@ -114,6 +116,11 @@ struct tevent_req *smb2_session_setup_spnego_send(
state->credentials = credentials;
state->previous_session_id = previous_session_id;
+ current_session_id = smb2cli_session_current_id(state->session->smbXcli);
+ if (current_session_id != 0) {
+ state->reauth = true;
+ }
+
server_gss_blob = smbXcli_conn_server_gss_blob(session->transport->conn);
if (server_gss_blob) {
negprot_secblob = *server_gss_blob;
@@ -219,6 +226,11 @@ static void smb2_session_setup_spnego_done(struct tevent_req *subreq)
if (NT_STATUS_IS_OK(peer_status) && NT_STATUS_IS_OK(state->gensec_status)) {
DATA_BLOB session_key;
+ if (state->reauth) {
+ tevent_req_done(req);
+ return;
+ }
+
status = gensec_session_key(session->gensec, state,
&session_key);
if (tevent_req_nterror(req, status)) {