libads: record session expiry for spnego sasl binds

[samba.git] / source3 / libads / sasl.c

diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 22aa9cf4bb73c627734711388ab1217892067389..b8d4527a15f72caf8de0753f0597571e96674537 100644 (file)
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -134,6 +134,7 @@ static ADS_STATUS ads_sasl_spnego_gensec_bind(ADS_STRUCT *ads,
        struct auth_generic_state *auth_generic_state;
        bool use_spnego_principal = lp_client_use_spnego_principal();
        const char *sasl_list[] = { sasl, NULL };
+       NTTIME end_nt_time;
 
        nt_status = auth_generic_client_prepare(NULL, &auth_generic_state);
        if (!NT_STATUS_IS_OK(nt_status)) {
@@ -307,6 +308,14 @@ static ADS_STATUS ads_sasl_spnego_gensec_bind(ADS_STRUCT *ads,
                }
        }
 
+       ads->auth.tgs_expire = LONG_MAX;
+       end_nt_time = gensec_expire_time(auth_generic_state->gensec_security);
+       if (end_nt_time != GENSEC_EXPIRE_TIME_INFINITY) {
+               struct timeval tv;
+               nttime_to_timeval(&tv, end_nt_time);
+               ads->auth.tgs_expire = tv.tv_sec;
+       }
+
        if (ads->ldap.wrap_type > ADS_SASLWRAP_TYPE_PLAIN) {
                size_t max_wrapped = gensec_max_wrapped_size(auth_generic_state->gensec_security);
                ads->ldap.out.max_unwrapped = gensec_max_input_size(auth_generic_state->gensec_security);