Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5e640927 authored by Shirish Pargaonkar's avatar Shirish Pargaonkar Committed by Steve French
Browse files

cifs: Fix regression in LANMAN (LM) auth code 



LANMAN response length was changed to 16 bytes instead of 24 bytes.
Revert it back to 24 bytes.

Signed-off-by: default avatarShirish Pargaonkar <shirishpargaonkar@gmail.com>
CC: stable@kernel.org
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
parent 96161256

fs/cifs/sess.c

+4 −4
Original line number Diff line number Diff line
@@ -656,13 +656,13 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, 


	if (type == LANMAN) {

#ifdef CONFIG_CIFS_WEAK_PW_HASH

		char lnm_session_key[CIFS_SESS_KEY_SIZE];

		char lnm_session_key[CIFS_AUTH_RESP_SIZE];



		pSMB->req.hdr.Flags2 &= ~SMBFLG2_UNICODE;



		/* no capabilities flags in old lanman negotiation */



		pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE);

		pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);



		/* Calculate hash with password and copy into bcc_ptr.

		 * Encryption Key (stored as in cryptkey) gets used if the
@@ -675,8 +675,8 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, 
					true : false, lnm_session_key);



		ses->flags |= CIFS_SES_LANMAN;

		memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_SESS_KEY_SIZE);

		bcc_ptr += CIFS_SESS_KEY_SIZE;

		memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_AUTH_RESP_SIZE);

		bcc_ptr += CIFS_AUTH_RESP_SIZE;



		/* can not sign if LANMAN negotiated so no need

		to calculate signing key? but what if server