[CIFS] SMB3 mounts fail with access denied to some servers

Message ID	CAH2r5muKfZKD9THXbwW7-A806LK+_20fuBuS9iyJfqUxf_NaJQ@mail.gmail.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-cifs-owner@vger.kernel.org> MIME-Version: 1.0 Date: Tue, 4 Dec 2012 17:12:12 -0600 Message-ID: <CAH2r5muKfZKD9THXbwW7-A806LK+_20fuBuS9iyJfqUxf_NaJQ@mail.gmail.com> Subject: [PATCH] [CIFS] SMB3 mounts fail with access denied to some servers From: Steve French <smfrench@gmail.com> To: linux-cifs@vger.kernel.org Content-Type: text/plain; charset=ISO-8859-1 Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk

Message ID

CAH2r5muKfZKD9THXbwW7-A806LK+_20fuBuS9iyJfqUxf_NaJQ@mail.gmail.com (mailing list archive)

State

New, archived

Headers

MIME-Version: 1.0
Date: Tue, 4 Dec 2012 17:12:12 -0600
Message-ID: <CAH2r5muKfZKD9THXbwW7-A806LK+_20fuBuS9iyJfqUxf_NaJQ@mail.gmail.com>
Subject: [PATCH] [CIFS] SMB3 mounts fail with access denied to some servers
From: Steve French <smfrench@gmail.com>
To: linux-cifs@vger.kernel.org
Content-Type: text/plain; charset=ISO-8859-1
Sender: linux-cifs-owner@vger.kernel.org
Precedence: bulk

Commit Message

Steve French Dec. 4, 2012, 11:12 p.m. UTC

Author: Steve French <smfrench@gmail.com>
Date:   Tue Dec 4 16:56:37 2012 -0600

    [CIFS] SMB3 mounts fail with access denied to some servers

    We were checking incorrectly if signatures were required to be sent,
    so were always sending signatures after the initial session establishment.
    For SMB3 mounts (vers=3.0) this was a problem because we were putting
    SMB2 signatures in SMB3 requests which would cause access denied
    on mount (the tree connection would fail).

    Signed-off-by: Steve French <smfrench@gmail.com>

Comments

Jeff Layton Dec. 5, 2012, 5:24 p.m. UTC | #1

On Tue, 4 Dec 2012 17:12:12 -0600
Steve French <smfrench@gmail.com> wrote:

> Author: Steve French <smfrench@gmail.com>
> Date:   Tue Dec 4 16:56:37 2012 -0600
> 
>     [CIFS] SMB3 mounts fail with access denied to some servers
> 
>     We were checking incorrectly if signatures were required to be sent,
>     so were always sending signatures after the initial session establishment.
>     For SMB3 mounts (vers=3.0) this was a problem because we were putting
>     SMB2 signatures in SMB3 requests which would cause access denied
>     on mount (the tree connection would fail).
> 
>     Signed-off-by: Steve French <smfrench@gmail.com>
> 
> diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
> index cf33622..e7f9dbc 100644
> --- a/fs/cifs/smb2pdu.c
> +++ b/fs/cifs/smb2pdu.c
> @@ -425,7 +425,7 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
>         }
> 
>         cFYI(1, "sec_flags 0x%x", sec_flags);
> -       if (sec_flags & CIFSSEC_MUST_SIGN) {
> +       if ((sec_flags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) {
>                 cFYI(1, "Signing required");
>                 if (!(server->sec_mode & (SMB2_NEGOTIATE_SIGNING_REQUIRED |
>                       SMB2_NEGOTIATE_SIGNING_ENABLED))) {
> 
> 

Looks correct...

Reviewed-by: Jeff Layton <jlayton@redhat.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index cf33622..e7f9dbc 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -425,7 +425,7 @@  SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
        }

        cFYI(1, "sec_flags 0x%x", sec_flags);
-       if (sec_flags & CIFSSEC_MUST_SIGN) {
+       if ((sec_flags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) {
                cFYI(1, "Signing required");
                if (!(server->sec_mode & (SMB2_NEGOTIATE_SIGNING_REQUIRED |
                      SMB2_NEGOTIATE_SIGNING_ENABLED))) {

[CIFS] SMB3 mounts fail with access denied to some servers

Commit Message

Comments

Patch