smb2_sesssetup: only set NT_STATUS_MORE_PROCESSING_REQUIRED if a reauth can start

When the session is not valid on the current connection it should not be
possible to start a reauth.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/selftest/knownfail.d/smb2.session b/selftest/knownfail.d/smb2.session
index eb52a7a24ed9578a1030134be01e65f3100e6d3c..dbb380cc435728011b2a9f08c2c1cc4be9f32af8 100644 (file)
--- a/selftest/knownfail.d/smb2.session
+++ b/selftest/knownfail.d/smb2.session
@@ -1,7 +1,4 @@
-^samba3.smb2.session.*.bind_negative_smb210
 ^samba3.smb2.session.*.bind_negative_smb2to3
-^samba3.smb2.session.*.bind_negative_smb3to2
-^samba3.smb2.session.*.bind_negative_smb3to3
 ^samba3.smb2.session.*.bind_negative_smb3encGtoC
 ^samba3.smb2.session.*.bind_different_user.ad_dc
 ^samba3.smb2.session.*.bind_invalid_auth.ad_member_idmap_rid

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 699a3bd742b09b4147c170e5e0c351bf5e27ae76..f10d33a69555088fbb2829b15c38676864cb9839 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -810,9 +810,6 @@ auth:
                if (tevent_req_nterror(req, status)) {
                        return tevent_req_post(req, ev);
                }
-               if (!(in_flags & SMB2_SESSION_FLAG_BINDING)) {
-                       state->session->status = NT_STATUS_MORE_PROCESSING_REQUIRED;
-               }
        }
 
        status = smbXsrv_session_find_channel(smb2req->session,
@@ -822,6 +819,10 @@ auth:
                return tevent_req_post(req, ev);
        }
 
+       if (!(in_flags & SMB2_SESSION_FLAG_BINDING)) {
+               state->session->status = NT_STATUS_MORE_PROCESSING_REQUIRED;
+       }
+
        status = smbXsrv_session_find_auth(state->session, smb2req->xconn,
                                           now, &state->auth);
        if (!NT_STATUS_IS_OK(status)) {