cifs: Correctly set SMB1 SessionKey field in Session Setup Request

[MS-CIFS] specification in section 2.2.4.53.1 where is described
SMB_COM_SESSION_SETUP_ANDX Request, for SessionKey field says:

    The client MUST set this field to be equal to the SessionKey field in
    the SMB_COM_NEGOTIATE Response for this SMB connection.

Linux SMB client currently set this field to zero. This is working fine
against Windows NT SMB servers thanks to [MS-CIFS] product behavior <94>:

    Windows NT Server ignores the client's SessionKey.

For compatibility with [MS-CIFS], set this SessionKey field in Session
Setup Request to value retrieved from Negotiate response.

Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

diff --git a/fs/smb/client/cifsglob.h b/fs/smb/client/cifsglob.h
index 3b32116b0b4964920c866110bcaeb121c2a22b75..4d097b074b5fd9ff858686f852fc44753de9dcb2 100644 (file)
--- a/fs/smb/client/cifsglob.h
+++ b/fs/smb/client/cifsglob.h
@@ -773,6 +773,7 @@ struct TCP_Server_Info {
        char workstation_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL];
        __u32 sequence_number; /* for signing, protected by srv_mutex */
        __u32 reconnect_instance; /* incremented on each reconnect */
+       __le32 session_key_id; /* retrieved from negotiate response and send in session setup request */
        struct session_key session_key;
        unsigned long lstrp; /* when we got last response from this server */
        struct cifs_secmech secmech; /* crypto sec mech functs, descriptors */

diff --git a/fs/smb/client/cifspdu.h b/fs/smb/client/cifspdu.h
index 1b79fe07476f653439dea81dd4e943747fdb06c9..d9cf7db0ac35e960078cfd5b342f72cce7629e42 100644 (file)
--- a/fs/smb/client/cifspdu.h
+++ b/fs/smb/client/cifspdu.h
@@ -597,7 +597,7 @@ typedef union smb_com_session_setup_andx {
                __le16 MaxBufferSize;
                __le16 MaxMpxCount;
                __le16 VcNumber;
-               __u32 SessionKey;
+               __le32 SessionKey;
                __le16 SecurityBlobLength;
                __u32 Reserved;
                __le32 Capabilities;    /* see below */
@@ -616,7 +616,7 @@ typedef union smb_com_session_setup_andx {
                __le16 MaxBufferSize;
                __le16 MaxMpxCount;
                __le16 VcNumber;
-               __u32 SessionKey;
+               __le32 SessionKey;
                __le16 CaseInsensitivePasswordLength; /* ASCII password len */
                __le16 CaseSensitivePasswordLength; /* Unicode password length*/
                __u32 Reserved; /* see below */
@@ -654,7 +654,7 @@ typedef union smb_com_session_setup_andx {
                __le16 MaxBufferSize;
                __le16 MaxMpxCount;
                __le16 VcNumber;
-               __u32 SessionKey;
+               __le32 SessionKey;
                __le16 PasswordLength;
                __u32 Reserved; /* encrypt key len and offset */
                __le16 ByteCount;

diff --git a/fs/smb/client/cifssmb.c b/fs/smb/client/cifssmb.c
index f55457b4b82e363ff2524bdb89685afb09ca17ec..f6ec0045c5138898805f1ccae886a98f4865aa4c 100644 (file)
--- a/fs/smb/client/cifssmb.c
+++ b/fs/smb/client/cifssmb.c
@@ -498,6 +498,7 @@ CIFSSMBNegotiate(const unsigned int xid,
        server->max_rw = le32_to_cpu(pSMBr->MaxRawSize);
        cifs_dbg(NOISY, "Max buf = %d\n", ses->server->maxBuf);
        server->capabilities = le32_to_cpu(pSMBr->Capabilities);
+       server->session_key_id = pSMBr->SessionKey;
        server->timeAdj = (int)(__s16)le16_to_cpu(pSMBr->ServerTimeZone);
        server->timeAdj *= 60;
 

diff --git a/fs/smb/client/sess.c b/fs/smb/client/sess.c
index 0f51d136cf23ebe9f145fdd37ed3ef849da00cb7..79b4bd45e31a6edb4fc2c38cc5ed422610c9c349 100644 (file)
--- a/fs/smb/client/sess.c
+++ b/fs/smb/client/sess.c
@@ -628,6 +628,7 @@ static __u32 cifs_ssetup_hdr(struct cifs_ses *ses,
                                        USHRT_MAX));
        pSMB->req.MaxMpxCount = cpu_to_le16(server->maxReq);
        pSMB->req.VcNumber = cpu_to_le16(1);
+       pSMB->req.SessionKey = server->session_key_id;
 
        /* Now no need to set SMBFLG_CASELESS or obsolete CANONICAL PATH */