Commit 9d6c7705 authored by Marcos Del Sol Vives's avatar Marcos Del Sol Vives Committed by Zhong Jinghua
Browse files

ksmbd: disable SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1 

mainline inclusion
from mainline-5.16-rc7
commit 83912d6d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G
CVE: NA

Reference: https://git.kernel.org/torvalds/linux/c/83912d6d55be



-------------------------------

According to the official Microsoft MS-SMB2 document section 3.3.5.4, this
flag should be used only for 3.0 and 3.0.2 dialects. Setting it for 3.1.1
is a violation of the specification.

This causes my Windows 10 client to detect an anomaly in the negotiation,
and disable encryption entirely despite being explicitly enabled in ksmbd,
causing all data transfers to go in plain text.

Fixes: e2f34481 ("cifsd: add server-side procedures for SMB3")
Cc: stable@vger.kernel.org # v5.15
Acked-by: default avatarNamjae Jeon <linkinjeon@kernel.org>
Signed-off-by: default avatarMarcos Del Sol Vives <marcos@orca.pet>
Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
Signed-off-by: default avatarJason Yan <yanaijie@huawei.com>
Signed-off-by: default avatarZhong Jinghua <zhongjinghua@huawei.com>
parent 58d9d309
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment