struct smbXsrv_session *session = NULL;
uint16_t smb_bufsize = SVAL(req->vwv+2, 0);
uint32_t client_caps = IVAL(req->vwv+10, 0);
+ struct smbXsrv_session_auth0 *auth;
DEBUG(3,("Doing spnego session setup\n"));
if (NT_STATUS_IS_OK(status)) {
session->status = NT_STATUS_MORE_PROCESSING_REQUIRED;
status = NT_STATUS_MORE_PROCESSING_REQUIRED;
- TALLOC_FREE(session->gensec);
+ TALLOC_FREE(session->pending_auth);
}
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
reply_nterror(req, nt_status_squash(status));
}
}
- if (!session->gensec) {
+ status = smbXsrv_session_find_auth(session, xconn, now, &auth);
+ if (!NT_STATUS_IS_OK(status)) {
+ status = smbXsrv_session_create_auth(session, xconn, now,
+ 0, /* flags */
+ 0, /* security */
+ &auth);
+ if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, nt_status_squash(status));
+ return;
+ }
+ }
+
+ if (auth->gensec == NULL) {
status = auth_generic_prepare(session, xconn->remote_address,
- &session->gensec);
+ &auth->gensec);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(session);
reply_nterror(req, nt_status_squash(status));
return;
}
- gensec_want_feature(session->gensec, GENSEC_FEATURE_SESSION_KEY);
- gensec_want_feature(session->gensec, GENSEC_FEATURE_UNIX_TOKEN);
+ gensec_want_feature(auth->gensec, GENSEC_FEATURE_SESSION_KEY);
+ gensec_want_feature(auth->gensec, GENSEC_FEATURE_UNIX_TOKEN);
- status = gensec_start_mech_by_oid(session->gensec,
+ status = gensec_start_mech_by_oid(auth->gensec,
GENSEC_OID_SPNEGO);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Failed to start SPNEGO handler!\n"));
}
become_root();
- status = gensec_update(session->gensec,
+ status = gensec_update(auth->gensec,
talloc_tos(),
in_blob, &out_blob);
unbecome_root();
if (NT_STATUS_IS_OK(status) && session->global->auth_session_info == NULL) {
struct auth_session_info *session_info = NULL;
- status = gensec_session_info(session->gensec,
+ status = gensec_session_info(auth->gensec,
session,
&session_info);
if (!NT_STATUS_IS_OK(status)) {
session->global->auth_time = now;
if (client_caps & CAP_DYNAMIC_REAUTH) {
session->global->expiration_time =
- gensec_expire_time(session->gensec);
+ gensec_expire_time(auth->gensec);
} else {
session->global->expiration_time =
GENSEC_EXPIRE_TIME_INFINITY;
} else if (NT_STATUS_IS_OK(status)) {
struct auth_session_info *session_info = NULL;
- status = gensec_session_info(session->gensec,
+ status = gensec_session_info(auth->gensec,
session,
&session_info);
if (!NT_STATUS_IS_OK(status)) {
session->global->auth_time = now;
if (client_caps & CAP_DYNAMIC_REAUTH) {
session->global->expiration_time =
- gensec_expire_time(session->gensec);
+ gensec_expire_time(auth->gensec);
} else {
session->global->expiration_time =
GENSEC_EXPIRE_TIME_INFINITY;