s4:libcli/smb2: allow smb2_session_setup_spnego to handle reauth

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>

1 files changed, 12 insertions, 0 deletions

diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c
index d727d552b1..2657266401 100644
--- a/source4/libcli/smb2/session.c
+++ b/source4/libcli/smb2/session.c
@@ -76,6 +76,7 @@ struct smb2_session_setup_spnego_state {
 	struct smb2_session *session;
 	struct cli_credentials *credentials;
 	uint64_t previous_session_id;
+	bool reauth;
 	NTSTATUS gensec_status;
 	DATA_BLOB in_secblob;
 	DATA_BLOB out_secblob;
@@ -95,6 +96,7 @@ struct tevent_req *smb2_session_setup_spnego_send(
 {
 	struct tevent_req *req;
 	struct smb2_session_setup_spnego_state *state;
+	uint64_t current_session_id;
 	const char *chosen_oid;
 	struct tevent_req *subreq;
 	NTSTATUS status;
@@ -114,6 +116,11 @@ struct tevent_req *smb2_session_setup_spnego_send(
 	state->credentials = credentials;
 	state->previous_session_id = previous_session_id;
 
+	current_session_id = smb2cli_session_current_id(state->session->smbXcli);
+	if (current_session_id != 0) {
+		state->reauth = true;
+	}
+
 	server_gss_blob = smbXcli_conn_server_gss_blob(session->transport->conn);
 	if (server_gss_blob) {
 		negprot_secblob = *server_gss_blob;
@@ -219,6 +226,11 @@ static void smb2_session_setup_spnego_done(struct tevent_req *subreq)
 	if (NT_STATUS_IS_OK(peer_status) && NT_STATUS_IS_OK(state->gensec_status)) {
 		DATA_BLOB session_key;
 
+		if (state->reauth) {
+			tevent_req_done(req);
+			return;
+		}
+
 		status = gensec_session_key(session->gensec, state,
 					    &session_key);
 		if (tevent_req_nterror(req, status)) {