diff options
author | Stefan Metzmacher <metze@samba.org> | 2009-01-12 12:32:46 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2009-01-12 13:22:40 +0100 |
commit | 7d9fd64f38aa5821b38c1223cf87979fc87bfb71 (patch) | |
tree | c27386d13936d5a96419b870c59b450db0bf1e14 /source3/lib/secacl.c | |
parent | 6f53a487b40de03380db3562733621e209342832 (diff) | |
download | samba-7d9fd64f38aa5821b38c1223cf87979fc87bfb71.tar.gz samba-7d9fd64f38aa5821b38c1223cf87979fc87bfb71.tar.bz2 samba-7d9fd64f38aa5821b38c1223cf87979fc87bfb71.zip |
s3:libsmb: handle the smb signing states the same in the krb5 and ntlmssp cases
SMB signing works the same regardless of the used auth mech.
We need to start with the temp signing ("BSRSPYL ")
and the session setup response with NT_STATUS_OK
is the first signed packet.
Now we set the krb5 session key if we got the NT_STATUS_OK
from the server and then recheck the packet.
All this is needed to make the fallback from krb5 to
ntlmssp possible. This commit also resets the cli->vuid
value to 0, if the krb5 auth didn't succeed. Otherwise
the server handles NTLMSSP packets as krb5 packets.
The restructuring of the SMB signing code is needed to
make sure the krb5 code only starts the signing engine
on success. Otherwise the NTLMSSP fallback could not initialize
the signing engine (again).
metze
Diffstat (limited to 'source3/lib/secacl.c')
0 files changed, 0 insertions, 0 deletions