Skip to content

Commit

Permalink
smb3: do not set NTLMSSP_VERSION flag for negotiate not auth request
Browse files Browse the repository at this point in the history 
BugLink: https://bugs.launchpad.net/bugs/2036450

The NTLMSSP_NEGOTIATE_VERSION flag only needs to be sent during
the NTLMSSP NEGOTIATE (not the AUTH) request, so filter it out for
NTLMSSP AUTH requests. See MS-NLMP 2.2.1.3

This fixes a problem found by the gssntlmssp server.

Link: gssapi/gss-ntlmssp#95
Fixes: 52d005337b2c ("smb3: send NTLMSSP version information")
Acked-by: Roy Shterman <roy.shterman@gmail.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
  • Loading branch information
@smb49
Steve French authored and smb49 committed Apr 17, 2024
1 parent bc2c54c commit 32c6cea
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion fs/cifs/sess.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1013,6 +1013,7 @@ int build_ntlmssp_smb3_negotiate_blob(unsigned char **pbuffer,
}


/* See MS-NLMP 2.2.1.3 */
int build_ntlmssp_auth_blob(unsigned char **pbuffer,
u16 *buflen,
struct cifs_ses *ses,
Expand Down Expand Up @@ -1047,7 +1048,8 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer,

flags = ses->ntlmssp->server_flags | NTLMSSP_REQUEST_TARGET |
NTLMSSP_NEGOTIATE_TARGET_INFO | NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED;

/* we only send version information in ntlmssp negotiate, so do not set this flag */
flags = flags & ~NTLMSSP_NEGOTIATE_VERSION;
tmp = *pbuffer + sizeof(AUTHENTICATE_MESSAGE);
sec_blob->NegotiateFlags = cpu_to_le32(flags);

Expand Down

0 comments on commit 32c6cea

Please sign in to comment.