diff options
| author | Stefan Metzmacher <metze@samba.org> | 2016-05-03 10:52:30 +0200 |
|---|---|---|
| committer | Sasha Levin <sasha.levin@oracle.com> | 2016-06-06 19:12:24 -0400 |
| commit | 8f83c4496e5a08bc834a7475129f64d6e21789aa (patch) | |
| tree | df2cea314b4d894c9c3388b12dc095c66079e3d3 | |
| parent | f39b179308d938c7bb6da74fd0699c0eb4356ef8 (diff) | |
fs/cifs: correctly to anonymous authentication for the LANMAN authentication
[ Upstream commit fa8f3a354bb775ec586e4475bcb07f7dece97e0c ]
Only server which map unknown users to guest will allow
access using a non-null LMChallengeResponse.
For Samba it's the "map to guest = bad user" option.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11913
Signed-off-by: Stefan Metzmacher <metze@samba.org>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Steve French <smfrench@gmail.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
| -rw-r--r-- | fs/cifs/sess.c | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index abaeeab8793c..91dbaca39e56 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -678,20 +678,24 @@ sess_auth_lanman(struct sess_data *sess_data) pSMB->req.hdr.Flags2 &= ~SMBFLG2_UNICODE; - /* no capabilities flags in old lanman negotiation */ - pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE); + if (ses->user_name != NULL) { + /* no capabilities flags in old lanman negotiation */ + pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE); - /* Calculate hash with password and copy into bcc_ptr. - * Encryption Key (stored as in cryptkey) gets used if the - * security mode bit in Negottiate Protocol response states - * to use challenge/response method (i.e. Password bit is 1). - */ - rc = calc_lanman_hash(ses->password, ses->server->cryptkey, - ses->server->sec_mode & SECMODE_PW_ENCRYPT ? - true : false, lnm_session_key); + /* Calculate hash with password and copy into bcc_ptr. + * Encryption Key (stored as in cryptkey) gets used if the + * security mode bit in Negottiate Protocol response states + * to use challenge/response method (i.e. Password bit is 1). + */ + rc = calc_lanman_hash(ses->password, ses->server->cryptkey, + ses->server->sec_mode & SECMODE_PW_ENCRYPT ? + true : false, lnm_session_key); - memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_AUTH_RESP_SIZE); - bcc_ptr += CIFS_AUTH_RESP_SIZE; + memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_AUTH_RESP_SIZE); + bcc_ptr += CIFS_AUTH_RESP_SIZE; + } else { + pSMB->old_req.PasswordLength = 0; + } /* * can not sign if LANMAN negotiated so no need |