diff options
| author | Steve French <stfrench@microsoft.com> | 2023-07-25 01:05:23 -0500 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-08-03 10:24:04 +0200 |
| commit | ddac66e802cec7102a4328d98f671c7079c8035b (patch) | |
| tree | 721b6b82e1b6d6e4823458cc4f5dd4aaff7ce66d /fs | |
| parent | 55704f087f780189a069937096e2304dc026e3a5 (diff) | |
| download | linux-ddac66e802cec7102a4328d98f671c7079c8035b.tar.gz | |
smb3: do not set NTLMSSP_VERSION flag for negotiate not auth request
[ Upstream commit 19826558210b9102a7d4681c91784d137d60d71b ]
The NTLMSSP_NEGOTIATE_VERSION flag only needs to be sent during
the NTLMSSP NEGOTIATE (not the AUTH) request, so filter it out for
NTLMSSP AUTH requests. See MS-NLMP 2.2.1.3
This fixes a problem found by the gssntlmssp server.
Link: https://github.com/gssapi/gss-ntlmssp/issues/95
Fixes: 52d005337b2c ("smb3: send NTLMSSP version information")
Acked-by: Roy Shterman <roy.shterman@gmail.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/smb/client/sess.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/fs/smb/client/sess.c b/fs/smb/client/sess.c index 81be17845072..1e3e22979604 100644 --- a/fs/smb/client/sess.c +++ b/fs/smb/client/sess.c @@ -1014,6 +1014,7 @@ setup_ntlm_smb3_neg_ret: } +/* See MS-NLMP 2.2.1.3 */ int build_ntlmssp_auth_blob(unsigned char **pbuffer, u16 *buflen, struct cifs_ses *ses, @@ -1048,7 +1049,8 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer, flags = ses->ntlmssp->server_flags | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_TARGET_INFO | NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED; - + /* we only send version information in ntlmssp negotiate, so do not set this flag */ + flags = flags & ~NTLMSSP_NEGOTIATE_VERSION; tmp = *pbuffer + sizeof(AUTHENTICATE_MESSAGE); sec_blob->NegotiateFlags = cpu_to_le32(flags); |