From: Jeff Layton <jlayton@redhat.com>
Date: Mon, 31 Dec 2007 04:03:02 +0000 (+0000)
Subject: [CIFS]  use krb5 session key from first SMB session after a NegProt
X-Git-Tag: v2.6.25-rc1~1226^2~11
X-Git-Url: http://www.pilppa.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=1a67570c76402b36695cd0725e28649ee8fe830d;p=linux-2.6-omap-h63xx.git

[CIFS]  use krb5 session key from first SMB session after a NegProt

Currently, any new kerberos SMB session overwrites the server's session
key. The session key should only be set by the first SMB session set up
on the socket.

Signed-off-by: Jeff Layton <jlayton@tupile.poochiereds.net>
Signed-off-by: Steve French <sfrench@us.ibm.com>
---

diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index d0cb469daab..ce698d5f610 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -528,9 +528,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
 			rc = -EOVERFLOW;
 			goto ssetup_exit;
 		}
-		ses->server->mac_signing_key.len = msg->sesskey_len;
-		memcpy(ses->server->mac_signing_key.data.krb5, msg->data,
-			msg->sesskey_len);
+		if (first_time) {
+			ses->server->mac_signing_key.len = msg->sesskey_len;
+			memcpy(ses->server->mac_signing_key.data.krb5,
+				msg->data, msg->sesskey_len);
+		}
 		pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
 		capabilities |= CAP_EXTENDED_SECURITY;
 		pSMB->req.Capabilities = cpu_to_le32(capabilities);