From 6188f28bf608ddecc2377663b0f2f709440c19ba Mon Sep 17 00:00:00 2001
From: Steve French <smfrench@gmail.com>
Date: Tue, 13 Mar 2018 02:29:36 -0500
Subject: [PATCH] Tree connect for SMB3.1.1 must be signed for non-encrypted
shares
Git-commit: 6188f28bf608ddecc2377663b0f2f709440c19ba
Patch-mainline: v4.17-rc1
References: bsc#1051510
SMB3.1.1 tree connect was only being signed when signing was mandatory
but needs to always be signed (for non-guest users).
See MS-SMB2 section 3.2.4.1.1
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
CC: Stable <stable@vger.kernel.org>
Acked-by: Paulo Alcantara <palcantara@suse.de>
---
fs/cifs/smb2pdu.c | 5 +++++
1 file changed, 5 insertions(+)
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -1325,6 +1325,11 @@ SMB2_tcon(const unsigned int xid, struct
iov[1].iov_base = unc_path;
iov[1].iov_len = unc_path_len;
+ /* 3.11 tcon req must be signed if not encrypted. See MS-SMB2 3.2.4.1.1 */
+ if ((ses->server->dialect == SMB311_PROT_ID) &&
+ !encryption_required(tcon))
+ req->hdr.sync_hdr.Flags |= SMB2_FLAGS_SIGNED;
+
inc_rfc1001_len(req, unc_path_len - 1 /* pad */);
rc = SendReceive2(xid, ses, iov, 2, &resp_buftype, flags, &rsp_iov);