Client: Add ResetSecurityContext to IAuthenticationClient#348
Conversation
…S target auth Add ResetSecurityContext(string host) to IAuthenticationClient interface, enabling auth-client reuse when connecting to DFS target servers. - IAuthenticationClient: add ResetSecurityContext(string host) method - NTLMAuthenticationClient: implement reset (update SPN, clear handshake state) - SMB2Client: retain IAuthenticationClient after Login, clear on Logoff/Disconnect - SMB2Client: expose Transport property for target client construction BREAKING CHANGE: IAuthenticationClient now requires a ResetSecurityContext(string host) method. Existing implementations must add this method.
|
Thanks, In addition I decided "serverAddress" would be easier to understand than "host" as an argument name for ResetSecurityContext. I also wanted a summary there to clarify what it is used for. To save some back-and-forth I already pushed those changes. |
| if (response != null) | ||
| { | ||
| m_isLoggedIn = (response.Header.Status != NTStatus.STATUS_SUCCESS); | ||
| if (!m_isLoggedIn) |
There was a problem hiding this comment.
Once the client is disposed the GC will handle this for us, and if Login is called again the GC will handle this for us, so it's not really needed to set the m_authenticationClient to null IMO
| m_sessionID = 0; | ||
| m_availableCredits = 1; | ||
| m_connectionSupportsMultiCredit = false; | ||
| m_authenticationClient = null; |
There was a problem hiding this comment.
Either the client will be handled by the GC or the user will Connect and Login again - in both cases we don't need to make an effort to set m_authenticationClient to null IMO
TalAloni
force-pushed
the
master
branch
2 times, most recently
from
57cfb6a to
336c47f
Compare
|
I changed ResetSecurityContext to accept spn instead of serverAddress, as I realized NTLMAuthenticationClient is not the place for CIFS specific logic. I did create a new method in SMB2Client called CreateSPN - it can be moved to a more convenient location if necessary. |
2 participants
Adds
ResetSecurityContext(string host)toIAuthenticationClientand implements it inNTLMAuthenticationClient, enabling authentication clients to be reused when following DFS referrals to a different host.Changes:
IAuthenticationClient: newResetSecurityContext(string host)methodNTLMAuthenticationClient: implementation that rebinds SPN and clears handshake stateSMB2Client: retains theIAuthenticationClientinstance after login, exposesTransportproperty — both needed by the upcoming DFS file storeContext: This is the first of two PRs for DFS support (related to #326). The second PR will add
SMB2DfsFileStorewhich uses these interfaces to transparently follow DFS referrals.