]> git.michaelhowe.org Git - packages/o/openafs.git/commitdiff
projects / packages / o / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2265aee)
Windows: Fix SMB_COM_NEGOTIATE for MS11-043
authorJeffrey Altman <jaltman@your-file-system.com>
Fri, 24 Jun 2011 03:49:32 +0000 (23:49 -0400)
committerJeffrey Altman <jaltman@openafs.org>
Tue, 28 Jun 2011 13:26:03 +0000 (06:26 -0700)
MS11-043 adds response validation for SMB_COM_NEGOTIATE messages
received by the SMB Redirector.  OpenAFS failed to properly specify
a Challenge and DomainName in the response when the security mode
is SMB_AUTH_NONE (or share with password).  This patchset corrects
smb_ReceiveNegotiate() so that it adheres to the protocol specification.

FIXES 130033

Reviewed-on: http://gerrit.openafs.org/4886
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
(cherry-picked from 7532b05221caf2c382d9e8c9ca5af4a284566920)

Change-Id: I67eb2b293228cacb4df20ac072beaf03f2111c55
Reviewed-on: http://gerrit.openafs.org/4893
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
src/WINNT/afsd/smb.c patch | blob | history

diff --git a/src/WINNT/afsd/smb.c b/src/WINNT/afsd/smb.c
index 7948045d22e7e59672ac8a785e34975acbe6c4bc..2980ce156aa494b264f2510f963f83b48c70736d 100644 (file)
--- a/src/WINNT/afsd/smb.c
+++ b/src/WINNT/afsd/smb.c
@@ -3920,8 +3920,7 @@ long smb_ReceiveNegotiate(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *outp)
          * the same value for all sessions.  We should generate a random value
          * and store it into the vcp
          */
-        smb_SetSMBParm(outp, 7, 1);    /* next 2: session key */
-        smb_SetSMBParm(outp, 8, 1);
+        smb_SetSMBParmLong(outp, 7, 0x1a2b3c4d);       /* session key */
         /*
          * Tried changing the capabilities to support for W2K - defect 117695
          * Maybe something else needs to be changed here?
@@ -3995,8 +3994,13 @@ long smb_ReceiveNegotiate(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *outp)
                 free(secBlob);
             }
         } else {
-            smb_SetSMBParmByte(outp, 16, 0); /* Encryption key length */
-            smb_SetSMBDataLength(outp, 0);   /* Perhaps we should specify 8 bytes anyway */
+            smb_SetSMBParmByte(outp, 16, 0);/* Challenge length */
+            smb_SetSMBDataLength(outp, smb_ServerDomainNameLength);
+            datap = smb_GetSMBData(outp, NULL);
+            /* the faux domain name */
+            cm_ClientStringToUtf8(smb_ServerDomainName, -1,
+                                  datap,
+                                  (int)(sizeof(outp->data)/sizeof(char) - (datap - outp->data)));
         }
     }
     else if (v3ProtoIndex != -1) {