From d58f7cd5469baba5b47bbd6923103aa4c6b42c91 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 3 May 2012 16:13:08 +0200
Subject: [PATCH] s3:smbd: allow creating new spnego sessions only with a 0
 vuid

Found by the raw.context test.

metze
---
 source3/smbd/sesssetup.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 7d1535af5ac..f9ba9769b59 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -202,6 +202,11 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
 
 	/* Do we have a valid vuid now ? */
 	if (!is_partial_auth_vuid(sconn, vuid)) {
+		if (vuid != 0) {
+			reply_force_doserror(req, ERRSRV, ERRbaduid);
+			return;
+		}
+
 		/* No, start a new authentication setup. */
 		vuid = register_initial_vuid(sconn);
 		if (vuid == UID_FIELD_INVALID) {
-- 
2.11.4.GIT