From f065ed27522501c19025a28d95a001002357dcd9 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Tue, 28 Sep 2021 22:24:32 +0200
Subject: [PATCH] libcli/smb: use MID=0 for SMB2 Cancel with ASYNC_ID and legacy signing algorithms We can only assume that servers with support for AES-GMAC-128 signing will except an SMB2 Cancel with ASYNC_ID and real MID. This strategy is also used by Windows clients, because some vendors don't cope otherwise.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14855
Signed-off-by: Stefan Metzmacher
Reviewed-by: Jeremy Allison
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Tue Oct 19 19:23:39 UTC 2021 on sn-devel-184
(cherry picked from commit dd07bb81bb9a570b321bb2e5adab42546736ff9f)
---
 libcli/smb/smb2_signing.c | 12 ++++++++++--
 libcli/smb/smbXcli_base.c | 6 +++++-
 2 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index fdb69e90a077..29ddfe71a24b 100644
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -430,8 +430,16 @@ static NTSTATUS smb2_signing_calc_signature(struct smb2_signing_key *signing_key
 }
 msg_id = BVAL(hdr, SMB2_HDR_MESSAGE_ID);
 if (msg_id == 0) {
- DBG_ERR("opcode[%u] msg_id == 0\n", opcode);
- return NT_STATUS_INTERNAL_ERROR;
+ if (opcode != SMB2_OP_CANCEL ||
+ sign_algo_id >= SMB2_SIGNING_AES128_GMAC)
+ {
+ DBG_ERR("opcode[%u] msg_id == 0\n", opcode);
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+ /*
+ * Legacy algorithms allow MID 0
+ * for cancel requests
+ */
 }
 if (msg_id == UINT64_MAX) {
 DBG_ERR("opcode[%u] msg_id == UINT64_MAX\n", opcode);
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 3fb51e33ffe3..7579fa1c3783 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
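Review bot: In `smb2_signing_calc_signature` (smb2_signing.c) the new exception hinges on `sign_algo_id >= SMB2_SIGNING_AES128_GMAC`, so it depends on the numeric ordering of the signing-algorithm ids and has to stay in step with the identical comparison that picks `cancel_mid` in the smbXcli_base.c hunk; if the two drift apart, a Cancel built with MID 0 is rejected here with NT_STATUS_INTERNAL_ERROR. The comment only says that legacy algorithms allow MID 0, not why the newer ones must not, so I would extend it to something like `Algorithms below AES-128-GMAC tolerate MID 0 for SMB2 Cancel; keep in sync with smb2cli_req_compound_submit()`. If this helper is also reached when verifying received PDUs (not visible here), the relaxation applies to inbound Cancel requests as well, which is worth confirming as intended. The function starts and ends outside the hunk.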
@@ -3318,7 +3318,11 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs,
 state->smb2.cancel_flags = SVAL(state->smb2.hdr, SMB2_HDR_FLAGS);
 state->smb2.cancel_flags &= ~SMB2_HDR_FLAG_CHAINED;
- state->smb2.cancel_mid = mid;
+ if (state->conn->smb2.server.sign_algo >= SMB2_SIGNING_AES128_GMAC) {
+ state->smb2.cancel_mid = mid;
+ } else {
+ state->smb2.cancel_mid = 0;
+ }
 state->smb2.cancel_aid = 0;
 skip_credits:
--
2.25.1
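Review bot: `cancel_mid` is forced to 0 at submit time for every connection below AES-128-GMAC while `cancel_aid` is still 0 on the following line, so whether a later Cancel can identify the request depends on an async id being recorded elsewhere before it is sent. The commit title limits MID=0 to Cancel with ASYNC_ID; if a cancel can be issued before any interim response arrives (not visible in this hunk), a legacy connection would send MID 0 with no async id, where the old code sent the real MID. The branch also lacks the rationale given in the commit message; a comment such as `/* only servers with AES-128-GMAC signing are assumed to accept a real MID together with ASYNC_ID */` above the `if` would help. The enclosing function extends beyond the hunk.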