summaryrefslogtreecommitdiffstats
path: root/fs/cifs/inode.c
diff options
context:
space:
mode:
authorSteve French <smfrench@gmail.com>2017-09-21 02:57:18 +0200
committerSteve French <smfrench@gmail.com>2017-09-21 02:57:18 +0200
commit0603c96f3af50e2f9299fa410c224ab1d465e0f9 (patch)
tree3c9642e348c9618d141e475102688be1846752cc /fs/cifs/inode.c
parentcifs: release auth_key.response for reconnect. (diff)
downloadlinux-0603c96f3af50e2f9299fa410c224ab1d465e0f9.tar.xz
linux-0603c96f3af50e2f9299fa410c224ab1d465e0f9.zip
SMB: Validate negotiate (to protect against downgrade) even if signing off
As long as signing is supported (ie not a guest user connection) and connection is SMB3 or SMB3.02, then validate negotiate (protect against man in the middle downgrade attacks). We had been doing this only when signing was required, not when signing was just enabled, but this more closely matches recommended SMB3 behavior and is better security. Suggested by Metze. Signed-off-by: Steve French <smfrench@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org> Acked-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> CC: Stable <stable@vger.kernel.org>
Diffstat (limited to 'fs/cifs/inode.c')
0 files changed, 0 insertions, 0 deletions