Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
cifs: Fix regression in LANMAN (LM) auth code
LANMAN response length was changed to 16 bytes instead of 24 bytes.
Revert it back to 24 bytes.
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
CC: stable@kernel.org
Signed-off-by: Steve French <sfrench@us.ibm.com>
authored by Shirish Pargaonkar and committed by Steve French 5e640927 96161256
+4
-4
fs/cifs/sess.c
+4
-4
fs/cifs/sess.c
···
656
656
657
657
if (type == LANMAN) {
658
658
#ifdef CONFIG_CIFS_WEAK_PW_HASH
659
-
char lnm_session_key[CIFS_SESS_KEY_SIZE];
659
+
char lnm_session_key[CIFS_AUTH_RESP_SIZE];
660
660
661
661
pSMB->req.hdr.Flags2 &= ~SMBFLG2_UNICODE;
662
662
663
663
/* no capabilities flags in old lanman negotiation */
664
664
665
-
pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE);
665
+
pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
666
666
667
667
/* Calculate hash with password and copy into bcc_ptr.
668
668
* Encryption Key (stored as in cryptkey) gets used if the
···
675
675
true : false, lnm_session_key);
676
676
677
677
ses->flags |= CIFS_SES_LANMAN;
678
-
memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_SESS_KEY_SIZE);
679
-
bcc_ptr += CIFS_SESS_KEY_SIZE;
678
+
memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_AUTH_RESP_SIZE);
679
+
bcc_ptr += CIFS_AUTH_RESP_SIZE;
680
680
681
681
/* can not sign if LANMAN negotiated so no need
682
682
to calculate signing key? but what if server