[CIFS] use krb5 session key from first SMB session after a NegProt

Currently, any new kerberos SMB session overwrites the server's session
key. The session key should only be set by the first SMB session set up
on the socket.

Signed-off-by: Jeff Layton <jlayton@tupile.poochiereds.net>
Signed-off-by: Steve French <sfrench@us.ibm.com>

diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index d0cb469daab7337b8285abc907e2740a5ef3abd8..ce698d5f61071e1128be7f7781a872d2d3d3d1a3 100644 (file)
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -528,9 +528,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
                        rc = -EOVERFLOW;
                        goto ssetup_exit;
                }
-               ses->server->mac_signing_key.len = msg->sesskey_len;
-               memcpy(ses->server->mac_signing_key.data.krb5, msg->data,
-                       msg->sesskey_len);
+               if (first_time) {
+                       ses->server->mac_signing_key.len = msg->sesskey_len;
+                       memcpy(ses->server->mac_signing_key.data.krb5,
+                               msg->data, msg->sesskey_len);
+               }
                pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
                capabilities |= CAP_EXTENDED_SECURITY;
                pSMB->req.Capabilities = cpu_to_le32(capabilities);