Patch "SMB3: Warn user if trying to sign connection that authenticated as guest" has been added to the 4.9-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Mon, 02 Oct 2017 14:51:10 +0200

This is a note to let you know that I've just added the patch titled

    SMB3: Warn user if trying to sign connection that authenticated as guest

to the 4.9-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     smb3-warn-user-if-trying-to-sign-connection-that-authenticated-as-guest.patch
and it can be found in the queue-4.9 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From c721c38957fb19982416f6be71aae7b30630d83b Mon Sep 17 00:00:00 2001
From: Steve French <smfrench@xxxxxxxxx>
Date: Tue, 19 Sep 2017 18:40:03 -0500
Subject: SMB3: Warn user if trying to sign connection that authenticated as guest

From: Steve French <smfrench@xxxxxxxxx>

commit c721c38957fb19982416f6be71aae7b30630d83b upstream.

It can be confusing if user ends up authenticated as guest but they
requested signing (server will return error validating signed packets)
so add log message for this.

Signed-off-by: Steve French <smfrench@xxxxxxxxx>
Reviewed-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 fs/cifs/smb2pdu.c |    2 ++
 1 file changed, 2 insertions(+)

--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -1010,6 +1010,8 @@ SMB2_sess_setup(const unsigned int xid,
 	while (sess_data->func)
 		sess_data->func(sess_data);
 
+	if ((ses->session_flags & SMB2_SESSION_FLAG_IS_GUEST) && (ses->sign))
+		cifs_dbg(VFS, "signing requested but authenticated as guest\n");
 	rc = sess_data->result;
 out:
 	kfree(sess_data);


Patches currently in stable-queue which might be from smfrench@xxxxxxxxx are

queue-4.9/cifs-release-cifs-root_cred-after-exit_cifs.patch
queue-4.9/smb3-warn-user-if-trying-to-sign-connection-that-authenticated-as-guest.patch
queue-4.9/smb3-don-t-ignore-o_sync-o_dsync-and-o_direct-flags.patch
queue-4.9/fix-smb3.1.1-guest-authentication-to-samba.patch
queue-4.9/cifs-release-auth_key.response-for-reconnect.patch
queue-4.9/smb-validate-negotiate-to-protect-against-downgrade-even-if-signing-off.patch






