UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/fs/cifs
History
Steve French 0603c96f3a SMB: Validate negotiate (to protect against downgrade) even if signing off 
As long as signing is supported (ie not a guest user connection) and
connection is SMB3 or SMB3.02, then validate negotiate (protect
against man in the middle downgrade attacks).  We had been doing this
only when signing was required, not when signing was just enabled,
but this more closely matches recommended SMB3 behavior and is
better security.  Suggested by Metze.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Acked-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
 		2017-09-20 19:57:18 -05:00
..
Kconfig [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
Makefile [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
asn1.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cache.c fscache: remove unused ->now_uncached callback 2017-09-06 17:27:26 -07:00
cifs_debug.c [SMB3] Update session and share information displayed for debugging SMB2/SMB3 2017-09-20 16:46:49 -05:00
cifs_debug.h lib: update single-char callers of strtobool() 2016-03-17 15:09:34 -07:00
cifs_dfs_ref.c CIFS: add build_path_from_dentry_optional_prefix() 2017-03-01 22:26:10 -06:00
cifs_fs_sb.h cifs: Convert to separately allocated bdi 2017-04-20 12:09:55 -06:00
cifs_ioctl.h Enable previous version support 2016-10-13 19:48:11 -05:00
cifs_spnego.c cifs: Create dedicated keyring for spnego operations 2016-05-19 21:56:30 -05:00
cifs_spnego.h [CIFS] Rename three structures to avoid camel case 2011-05-27 04:34:02 +00:00
cifs_unicode.c [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
cifs_unicode.h [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
cifs_uniupr.h
cifsacl.c cifs: cifsacl: Use a temporary ops variable to reduce code length 2017-05-12 19:45:18 -05:00
cifsacl.h cifs: fix SID binary to string conversion 2012-12-11 11:48:49 -06:00
cifsencrypt.c fs: cifs: replace CURRENT_TIME by other appropriate apis 2017-05-08 17:15:15 -07:00
cifsfs.c cifs: release cifs root_cred after exit_cifs 2017-09-20 18:46:16 -05:00
cifsfs.h Update version of cifs module 2017-09-17 23:10:48 -05:00
cifsglob.h SMB3: Add support for multidialect negotiate (SMB2.1 and later) 2017-09-17 23:10:48 -05:00
cifspdu.h CIFS: move DFS response parsing out of SMB1 code 2017-03-01 22:26:10 -06:00
cifsproto.h cifs: Add support for writing attributes on SMB2+ 2017-09-04 14:03:45 -05:00
cifssmb.c enable xattr support for smb3 and also a bugfix 2017-09-07 16:06:14 -07:00
connect.c cifs: release auth_key.response for reconnect. 2017-09-20 18:46:23 -05:00
dir.c CIFS: remove endian related sparse warning 2017-08-30 14:43:11 -05:00
dns_resolve.c cifs: fix composing of mount options for DFS referrals 2013-05-24 13:08:31 -05:00
dns_resolve.h
export.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
file.c CIFS: make arrays static const, reduces object code size 2017-09-20 18:46:10 -05:00
fscache.c NFS client updates for Linux 3.13 2013-11-08 05:57:46 +09:00
fscache.h CIFS: FS-Cache: Uncache unread pages in cifs_readpages() before freeing them 2013-09-18 10:17:03 -05:00
inode.c sched/wait: Split out the wait_bit*() APIs from <linux/wait.h> into <linux/wait_bit.h> 2017-06-20 12:19:09 +02:00
ioctl.c [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
link.c [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
misc.c [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred 2017-07-08 18:57:07 -05:00
netmisc.c cifs: small underflow in cnvrtDosUnixTm() 2017-05-02 14:57:34 -05:00
nterr.c CIFS: Rename 7 error codes to NT_ style 2012-07-24 10:25:10 -05:00
nterr.h CIFS: Rename 7 error codes to NT_ style 2012-07-24 10:25:10 -05:00
ntlmssp.h cifs: dynamic allocation of ntlmssp blob 2016-06-23 23:45:07 -05:00
readdir.c cifs: initialize file_info_lock 2017-01-14 14:58:29 -06:00
rfc1002pdu.h
sess.c smb2: Enforce sec= mount option 2017-03-02 23:13:37 -06:00
smb1ops.c CIFS: Improve readdir verbosity 2017-06-20 19:13:47 -05:00
smb2file.c CIFS: add use_ipc flag to SMB2_ioctl() 2017-03-01 22:26:11 -06:00
smb2glob.h CIFS: Separate SMB2 header structure 2017-02-01 16:46:34 -06:00
smb2inode.c Do not send SMB3 SET_INFO request if nothing is changing 2016-10-13 19:46:51 -05:00
smb2maperror.c CIFS: Display SMB2 error codes in the hex format 2017-07-08 17:23:10 -05:00
smb2misc.c CIFS: fix oplock break deadlocks 2017-05-03 10:10:10 -05:00
smb2ops.c cifs: hide unused functions 2017-09-17 23:10:48 -05:00
smb2pdu.c SMB: Validate negotiate (to protect against downgrade) even if signing off 2017-09-20 19:57:18 -05:00
smb2pdu.h SMB3: Add support for multidialect negotiate (SMB2.1 and later) 2017-09-17 23:10:48 -05:00
smb2proto.h cifs: Add support for writing attributes on SMB2+ 2017-09-04 14:03:45 -05:00
smb2status.h CIFS: Add SMB2 status codes 2012-07-24 10:25:13 -05:00
smb2transport.c CIFS: add CONFIG_CIFS_DEBUG_KEYS to dump encryption keys 2017-07-05 19:51:04 -05:00
smbencrypt.c cifs: Fix smbencrypt() to stop pointing a scatterlist at the stack 2016-12-14 01:44:16 -06:00
smberr.h
smbfsctl.h [SMB3] Send durable handle v2 contexts when use of persistent handles required 2015-11-03 09:26:27 -06:00
transport.c cifs: Do not modify mid entry after submitting I/O in cifs_call_async 2017-07-05 19:58:08 -05:00
winucase.c [CIFS] quiet sparse compile warning 2013-09-08 14:54:24 -05:00
xattr.c cifs: Add support for writing attributes on SMB2+ 2017-09-04 14:03:45 -05:00