The Samba-Bugzilla – Attachment 16856 Details for
Bug 14855
SMB3 cancel requests should only include the MID together with AsyncID when AES-128-GMAC is used
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for v4-15-test
tmp415.diff.txt (text/plain), 2.30 KB, created by
Stefan Metzmacher
on 2021-10-19 20:28:46 UTC
(
hide
)
Description:
Patch for v4-15-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2021-10-19 20:28:46 UTC
Size:
2.30 KB
patch
obsolete
>From f065ed27522501c19025a28d95a001002357dcd9 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 28 Sep 2021 22:24:32 +0200 >Subject: [PATCH] libcli/smb: use MID=0 for SMB2 Cancel with ASYNC_ID and > legacy signing algorithms > >We can only assume that servers with support for AES-GMAC-128 signing >will except an SMB2 Cancel with ASYNC_ID and real MID. >This strategy is also used by Windows clients, because >some vendors don't cope otherwise. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=14855 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Jeremy Allison <jra@samba.org> > >Autobuild-User(master): Jeremy Allison <jra@samba.org> >Autobuild-Date(master): Tue Oct 19 19:23:39 UTC 2021 on sn-devel-184 > >(cherry picked from commit dd07bb81bb9a570b321bb2e5adab42546736ff9f) >--- > libcli/smb/smb2_signing.c | 12 ++++++++++-- > libcli/smb/smbXcli_base.c | 6 +++++- > 2 files changed, 15 insertions(+), 3 deletions(-) > >diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c >index fdb69e90a077..29ddfe71a24b 100644 >--- a/libcli/smb/smb2_signing.c >+++ b/libcli/smb/smb2_signing.c >@@ -430,8 +430,16 @@ static NTSTATUS smb2_signing_calc_signature(struct smb2_signing_key *signing_key > } > msg_id = BVAL(hdr, SMB2_HDR_MESSAGE_ID); > if (msg_id == 0) { >- DBG_ERR("opcode[%u] msg_id == 0\n", opcode); >- return NT_STATUS_INTERNAL_ERROR; >+ if (opcode != SMB2_OP_CANCEL || >+ sign_algo_id >= SMB2_SIGNING_AES128_GMAC) >+ { >+ DBG_ERR("opcode[%u] msg_id == 0\n", opcode); >+ return NT_STATUS_INTERNAL_ERROR; >+ } >+ /* >+ * Legacy algorithms allow MID 0 >+ * for cancel requests >+ */ > } > if (msg_id == UINT64_MAX) { > DBG_ERR("opcode[%u] msg_id == UINT64_MAX\n", opcode); >diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c >index 3fb51e33ffe3..7579fa1c3783 100644 >--- a/libcli/smb/smbXcli_base.c >+++ b/libcli/smb/smbXcli_base.c >@@ -3318,7 +3318,11 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs, > > state->smb2.cancel_flags = SVAL(state->smb2.hdr, SMB2_HDR_FLAGS); > state->smb2.cancel_flags &= ~SMB2_HDR_FLAG_CHAINED; >- state->smb2.cancel_mid = mid; >+ if (state->conn->smb2.server.sign_algo >= SMB2_SIGNING_AES128_GMAC) { >+ state->smb2.cancel_mid = mid; >+ } else { >+ state->smb2.cancel_mid = 0; >+ } > state->smb2.cancel_aid = 0; > > skip_credits: >-- >2.25.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=16856">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
jra
:
review+
Actions:
View
Attachments on
bug 14855
: 16856