Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f291095f authored by Noel Power's avatar Noel Power Committed by Steve French
Browse files

client MUST ignore EncryptionKeyLength if CAP_EXTENDED_SECURITY is set 



[MS-SMB] 2.2.4.5.2.1 states:

"ChallengeLength (1 byte): When the CAP_EXTENDED_SECURITY bit is set,
 the server MUST set this value to zero and clients MUST ignore this
 value."

Signed-off-by: default avatarNoel Power <noel.power@suse.com>
Signed-off-by: default avatarSteve French <smfrench@gmail.com>
parent 4a10a917

fs/cifs/cifssmb.c

+2 −3
Original line number Diff line number Diff line
@@ -625,9 +625,8 @@ CIFSSMBNegotiate(const unsigned int xid, struct cifs_ses *ses) 
		server->negflavor = CIFS_NEGFLAVOR_UNENCAP;

		memcpy(ses->server->cryptkey, pSMBr->u.EncryptionKey,

		       CIFS_CRYPTO_KEY_SIZE);

	} else if ((pSMBr->hdr.Flags2 & SMBFLG2_EXT_SEC ||

			server->capabilities & CAP_EXTENDED_SECURITY) &&

				(pSMBr->EncryptionKeyLength == 0)) {

	} else if (pSMBr->hdr.Flags2 & SMBFLG2_EXT_SEC ||

			server->capabilities & CAP_EXTENDED_SECURITY) {

		server->negflavor = CIFS_NEGFLAVOR_EXTENDED;

		rc = decode_ext_sec_blob(ses, pSMBr);

	} else if (server->sec_mode & SECMODE_PW_ENCRYPT) {