Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 777f69b8 authored by Stefan Metzmacher's avatar Stefan Metzmacher Committed by Steve French
Browse files

fs/cifs: correctly to anonymous authentication for the NTLM(v1) authentication 

Only server which map unknown users to guest will allow
access using a non-null NTChallengeResponse.

For Samba it's the "map to guest = bad user" option.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11913



Signed-off-by: default avatarStefan Metzmacher <metze@samba.org>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: default avatarSteve French <smfrench@gmail.com>
parent fa8f3a35

fs/cifs/sess.c

+23 −18
Original line number Diff line number Diff line
@@ -781,6 +781,7 @@ sess_auth_ntlm(struct sess_data *sess_data) 
	capabilities = cifs_ssetup_hdr(ses, pSMB);



	pSMB->req_no_secext.Capabilities = cpu_to_le32(capabilities);

	if (ses->user_name != NULL) {

		pSMB->req_no_secext.CaseInsensitivePasswordLength =

				cpu_to_le16(CIFS_AUTH_RESP_SIZE);

		pSMB->req_no_secext.CaseSensitivePasswordLength =
@@ -801,6 +802,10 @@ sess_auth_ntlm(struct sess_data *sess_data) 
		memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,

				CIFS_AUTH_RESP_SIZE);

		bcc_ptr += CIFS_AUTH_RESP_SIZE;

	} else {

		pSMB->req_no_secext.CaseInsensitivePasswordLength = 0;

		pSMB->req_no_secext.CaseSensitivePasswordLength = 0;

	}



	if (ses->capabilities & CAP_UNICODE) {

		/* unicode strings must be word aligned */