Tree connect for SMB3.1.1 must be signed for non-encrypted shares SMB3.1.1 tree connect was only being signed when signing was mandatory but needs to always be signed (for non-guest users). See MS-SMB2 section 3.2.4.1.1 Signed-off-by: Steve French <smfrench@gmail.com> Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com> CC: Stable <stable@vger.kernel.org>

commit: 6188f28bf608ddecc2377663b0f2f709440c19ba [log] [tgz]
author: Steve French <smfrench@gmail.com> Tue Mar 13 02:29:36 2018 -0500
committer: Steve French <stfrench@microsoft.com> Sun Apr 01 20:24:40 2018 -0500
tree: a13859be080d6bb8f17e14773945a0aa1e43161a
parent: 262916bc69faf90104aa784d55e10760a4199594 [diff] [blame]
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 4b6920d..af62c75 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c

@@ -1305,6 +1305,11 @@ SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree,
 	iov[1].iov_base = unc_path;
 	iov[1].iov_len = unc_path_len;
 
+	/* 3.11 tcon req must be signed if not encrypted. See MS-SMB2 3.2.4.1.1 */
+	if ((ses->server->dialect == SMB311_PROT_ID) &&
+	    !encryption_required(tcon))
+		req->sync_hdr.Flags |= SMB2_FLAGS_SIGNED;
+
 	rc = smb2_send_recv(xid, ses, iov, 2, &resp_buftype, flags, &rsp_iov);
 	cifs_small_buf_release(req);
 	rsp = (struct smb2_tree_connect_rsp *)rsp_iov.iov_base;
commit	6188f28bf608ddecc2377663b0f2f709440c19ba	[log] [tgz]
author	Steve French <smfrench@gmail.com>	Tue Mar 13 02:29:36 2018 -0500
committer	Steve French <stfrench@microsoft.com>	Sun Apr 01 20:24:40 2018 -0500
tree	a13859be080d6bb8f17e14773945a0aa1e43161a
parent	262916bc69faf90104aa784d55e10760a4199594 [diff] [blame]