Commit 5bedae90 authored by Namjae Jeon's avatar Namjae Jeon Committed by Steve French

ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob

If NTLMSSP_NEGOTIATE_SEAL flags is set in negotiate blob from client,
Set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob.
Signed-off-by: default avatarNamjae Jeon <linkinjeon@kernel.org>
Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
parent af705ef2
...@@ -424,6 +424,9 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob, ...@@ -424,6 +424,9 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
NTLMSSP_NEGOTIATE_56); NTLMSSP_NEGOTIATE_56);
} }
if (cflags & NTLMSSP_NEGOTIATE_SEAL && smb3_encryption_negotiated(conn))
flags |= NTLMSSP_NEGOTIATE_SEAL;
if (cflags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) if (cflags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)
flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
......
...@@ -925,7 +925,7 @@ static void decode_encrypt_ctxt(struct ksmbd_conn *conn, ...@@ -925,7 +925,7 @@ static void decode_encrypt_ctxt(struct ksmbd_conn *conn,
* *
* Return: true if connection should be encrypted, else false * Return: true if connection should be encrypted, else false
*/ */
static bool smb3_encryption_negotiated(struct ksmbd_conn *conn) bool smb3_encryption_negotiated(struct ksmbd_conn *conn)
{ {
if (!conn->ops->generate_encryptionkey) if (!conn->ops->generate_encryptionkey)
return false; return false;
......
...@@ -494,6 +494,7 @@ int smb3_decrypt_req(struct ksmbd_work *work); ...@@ -494,6 +494,7 @@ int smb3_decrypt_req(struct ksmbd_work *work);
int smb3_encrypt_resp(struct ksmbd_work *work); int smb3_encrypt_resp(struct ksmbd_work *work);
bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work); bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work);
int smb2_set_rsp_credits(struct ksmbd_work *work); int smb2_set_rsp_credits(struct ksmbd_work *work);
bool smb3_encryption_negotiated(struct ksmbd_conn *conn);
/* smb2 misc functions */ /* smb2 misc functions */
int ksmbd_smb2_check_message(struct ksmbd_work *work); int ksmbd_smb2_check_message(struct ksmbd_work *work);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment