Do not set SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1. Fixes #550 #551
Conversation
|
Could you send this patch to [email protected]? |
| conn->vals->capabilities |= SMB2_GLOBAL_CAP_LEASING; | ||
|
|
||
| if (conn->cipher_type) | ||
| conn->vals->capabilities |= SMB2_GLOBAL_CAP_ENCRYPTION; |
There was a problem hiding this comment.
Is this the root cause of your encryption problem?
smb2pdu.c
Outdated
| * SMB 3.1.1 uses the cipher_type field. | ||
| */ | ||
| encrequested = conn->cipher_type || | ||
| (conn->vals->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION); |
There was a problem hiding this comment.
we don't need to use encrequested variable.
There was a problem hiding this comment.
I created the variable to make clearer the conditions on which the encryption applied, since there were already a sizeable amount of operands in the if statement.
Mixing complex and, ors and bit-twiddling in the same if would be a big no for me since it requires thinking about C's operand priorities, but if you'd prefer I can change it.
There was a problem hiding this comment.
I've moved the logic into a function, which makes it IMHO clearer and reduces duplicate code.
I'll send it now to the LKML for further review.
According to the official Microsoft MS-SMB2 document section 3.3.5.4, this flag should be used only for 3.0 and 3.0.2 dialects. Setting it for 3.1.1 is a violation of the specification.
| * | ||
| * Return: true if should be encrypted, else false | ||
| */ | ||
| static bool should_encrypt(struct ksmbd_conn *conn) |
There was a problem hiding this comment.
I don't like this naming sense. how about smb3_encryption_negotiated()
|
I've just sent the patch to the LKML, so I am gonna close this PR :) |
3 participants
According to the official Microsoft MS-SMB2 document section 3.3.5.4, this
flag should be used only for 3.0 and 3.0.2 dialects. Setting it for 3.1.1 is
a violation of the specification.
This caused Windows 10 to detect a mistake in the protocol, and disable
encryption despite being enabled in the settings.