From: Derrick Brashear <shadow@dementix.org>
Date: Mon, 26 Mar 2012 13:01:19 +0000 (-0400)
Subject: Revert "Windows: Workaround Win7 SMB Reconnect Bug"
X-Git-Tag: upstream/1.6.1^2~2
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=842a5a118af95476a95965e8f6be6bb05e26e446;p=packages%2Fo%2Fopenafs.git

Revert "Windows: Workaround Win7 SMB Reconnect Bug"

This reverts commit 2c4618adc47fa1336a4636bd328c0dad0194c9d2.

This change causes issues as-is for users who are not experiencing the
reconnect bug, and when investigation is complete a corrected version
will be included in a future release.

Change-Id: I3833a2485c37f547d23612414f262c2af2208fb2
Reviewed-on: http://gerrit.openafs.org/6960
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
---

diff --git a/src/WINNT/afsd/smb.c b/src/WINNT/afsd/smb.c
index 8c6502385..dd2c9074a 100644
--- a/src/WINNT/afsd/smb.c
+++ b/src/WINNT/afsd/smb.c
@@ -770,7 +770,7 @@ smb_vc_t *smb_FindVC(unsigned short lsn, int flags, int lana)
         vcp->lana = lana;
         vcp->secCtx = NULL;
 
-        if (smb_authType == SMB_AUTH_NTLM) {
+        if (smb_authType == SMB_AUTH_NTLM || smb_authType == SMB_AUTH_EXTENDED) {
             /* We must obtain a challenge for extended auth
              * in case the client negotiates smb v3
              */
@@ -3976,36 +3976,22 @@ long smb_ReceiveNegotiate(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *outp)
                                   datap + MSV1_0_CHALLENGE_LENGTH,
                                   (int)(sizeof(outp->data)/sizeof(char) - (datap - outp->data)));
         } else if ( smb_authType == SMB_AUTH_EXTENDED ) {
-            void * secBlob = NULL;
-            int secBlobLength = 0;
+            void * secBlob;
+            int secBlobLength;
 
             smb_SetSMBParmByte(outp, 16, 0); /* Encryption key length */
 
-            /*
-             * The SMB specification permits the server to save a round trip
-             * in the GSS negotiation by sending an initial security blob.
-             * Unfortunately, doing so trips a bug in Windows 7 and Server 2008 R2
-             * whereby the SMB 1.x redirector drops the blob on the floor after
-             * the first connection to the server and simply attempts to reuse
-             * the previous authentication context.  This bug can be avoided by
-             * the server sending no security blob in the SMB_COM_NEGOTIATE
-             * response.  This forces the client to send an initial GSS init_sec_context
-             * blob under all circumstances which works around the bug in Microsoft's
-             * code.
-             *
-             * Do not call smb_NegotiateExtendedSecurity(&secBlob, &secBlobLength);
-             */
+            smb_NegotiateExtendedSecurity(&secBlob, &secBlobLength);
 
             smb_SetSMBDataLength(outp, secBlobLength + sizeof(smb_ServerGUID));
-            datap = smb_GetSMBData(outp, NULL);
 
+            datap = smb_GetSMBData(outp, NULL);
             memcpy(datap, &smb_ServerGUID, sizeof(smb_ServerGUID));
-            datap += sizeof(smb_ServerGUID);
 
             if (secBlob) {
+                datap += sizeof(smb_ServerGUID);
                 memcpy(datap, secBlob, secBlobLength);
                 free(secBlob);
-                datap += sizeof(secBlobLength);
             }
         } else {
             smb_SetSMBParmByte(outp, 16, 0);/* Challenge length */