We talloc_move() session_info to session->global->auth_session_info
which sets session_info to NULL.
This means security_session_user_level(NULL, NULL) will always return
SECURITY_ANONYMOUS so we never sign the session setup response.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 13 14:22:46 CET 2018 on sn-devel-144
(cherry picked from commit
bb93e691ca9b1922bf552363a1e7d70792749d67)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Fri Nov 23 13:52:04 CET 2018 on sn-devel-144
+++ /dev/null
-^samba3.smb2.session krb5.expire1n\(ad_member\)
reload_services(smb2req->sconn, conn_snum_used, true);
+ if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
+ smb2req->do_signing = true;
+ }
+
session->status = NT_STATUS_OK;
TALLOC_FREE(session->global->auth_session_info);
session->global->auth_session_info = talloc_move(session->global,
conn_clear_vuid_caches(xconn->client->sconn, session->compat->vuid);
- if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
- smb2req->do_signing = true;
- }
-
*out_session_id = session->global->session_wire_id;
return NT_STATUS_OK;