diff options
-rw-r--r-- | sys/rpc/rpcsec_gss/svc_rpcsec_gss.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c b/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c index a4253a4..dadd36e 100644 --- a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c +++ b/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c @@ -984,7 +984,7 @@ svc_rpc_gss_accept_sec_context(struct svc_rpc_gss_client *client, static bool_t svc_rpc_gss_validate(struct svc_rpc_gss_client *client, struct rpc_msg *msg, - gss_qop_t *qop) + gss_qop_t *qop, rpc_gss_proc_t gcproc) { struct opaque_auth *oa; gss_buffer_desc rpcbuf, checksum; @@ -1024,7 +1024,8 @@ svc_rpc_gss_validate(struct svc_rpc_gss_client *client, struct rpc_msg *msg, if (maj_stat != GSS_S_COMPLETE) { rpc_gss_log_status("gss_verify_mic", client->cl_mech, maj_stat, min_stat); - client->cl_state = CLIENT_STALE; + if (gcproc != RPCSEC_GSS_DESTROY) + client->cl_state = CLIENT_STALE; return (FALSE); } @@ -1358,7 +1359,7 @@ svc_rpc_gss(struct svc_req *rqst, struct rpc_msg *msg) break; } - if (!svc_rpc_gss_validate(client, msg, &qop)) { + if (!svc_rpc_gss_validate(client, msg, &qop, gc.gc_proc)) { result = RPCSEC_GSS_CREDPROBLEM; break; } |