Needed to add one additional minor change for Samba (samba server
doesn't allow the two byte pad at the end of the negotiate context
that was the result of removing one of the ciphers and returned an
error on SMB311 negprot
I need to add:
diff --git a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h
index 6093e5142b2b..d28f358022c5 100644
--- a/fs/cifs/smb2pdu.h
+++ b/fs/cifs/smb2pdu.h
@@ -297,7 +297,7 @@ struct smb2_encryption_neg_context {
__le16 DataLength;
__le32 Reserved;
__le16 CipherCount; /* AES-128-GCM and AES-128-CCM */
- __le16 Ciphers[2]; /* Ciphers[0] since only one used now */
+ __le16 Ciphers[1]; /* Ciphers[0] since only one used now */
} __packed;
struct smb2_negotiate_rsp {
sfrench@Ubuntu-17-Virtual-Ma
On Sat, Apr 21, 2018 at 12:04 PM, Steve French <smfrench@xxxxxxxxx> wrote:
> Any extra testing would be appreciated of this - I tried to Windows
> 2016 with and without encrypted share and also to Samba 4.7
>
> On Fri, Apr 20, 2018 at 11:55 PM, Steve French <smfrench@xxxxxxxxx> wrote:
>> On Fri, Apr 20, 2018 at 7:14 PM, Pavel Shilovsky <piastryyy@xxxxxxxxx> wrote:
>>> Looks good. Please also fix the encryption negotiate context:
>>
>> Fixed. Disabled AES-128GCM. See attached.
>>
>> Seems to work ok to Windows 3.11 now, and SMB3 tconx is also now
>> encrypted if "seal" chosen on mount - tried it to Windows 2016 and to
>> Samba 4.7
>>
>> Main remaining problem that I see is smb3.11 reconnect (it looks like
>> we are clearing the hash - but must be missing something)
>> --
>> Thanks,
>>
>> Steve
>
>
>
> --
> Thanks,
>
> Steve
--
Thanks,
Steve
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
