* Re: [MS-SMB2] 2.2.3.1.4 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
From: Stefan Metzmacher @ 2019-07-26 8:27 UTC
To: Steve French; +Cc: linux-cifs, Samba Technical

Hi Steve,

I just contacted dochelp for this and noticed (from reading the code)
that the kernel sends null-termination for the
SMB2_NETNAME_NEGOTIATE_CONTEXT_ID value.

I think you should fix that and backport it to stable releases,
it would be good if all clients would implement it like windows.

I implemented it for Samba here:
https://gitlab.com/samba-team/samba/merge_requests/666

metze

On 26.07.19 at 10:22, Stefan Metzmacher via cifs-protocol wrote:
> Hi DocHelp,
>
> I just noticed a documentation bug in
> [MS-SMB2] 2.2.3.1.4 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID:
>
>   NetName (variable): A null-terminated Unicode string containing the
>   server name and specified by the client application.
>
> Windows Server 1903 sends the name without null-termination, see the
> attached capture.
>
> metze
* Re: [MS-SMB2] 2.2.3.1.4 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
From: Steve French @ 2019-08-05 22:11 UTC
To: Stefan Metzmacher; +Cc: Steve French, linux-cifs, Samba Technical

How about this fix?

On Fri, Jul 26, 2019 at 3:29 AM Stefan Metzmacher via samba-technical
<samba-technical@lists.samba.org> wrote:
>
> Hi Steve,
>
> I just contacted dochelp for this and noticed (from reading the code)
> that the kernel sends null-termination for the
> SMB2_NETNAME_NEGOTIATE_CONTEXT_ID value.
>
> I think you should fix that and backport it to stable releases,
> it would be good if all clients would implement it like windows.
>
> I implemented it for Samba here:
> https://gitlab.com/samba-team/samba/merge_requests/666
>
> metze
>
> On 26.07.19 at 10:22, Stefan Metzmacher via cifs-protocol wrote:
> > Hi DocHelp,
> >
> > I just noticed a documentation bug in
> > [MS-SMB2] 2.2.3.1.4 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID:
> >
> >   NetName (variable): A null-terminated Unicode string containing the
> >   server name and specified by the client application.
> >
> > Windows Server 1903 sends the name without null-termination, see the
> > attached capture.
> >
> > metze
>
>

-- 
Thanks,

Steve

[-- Attachment #2: 0001-smb3-Incorrect-size-for-netname-negotiate-context.patch --]

From fd9725e18f8c436e2277822eef0025baa1fe9a2a Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Mon, 5 Aug 2019 17:07:26 -0500
Subject: [PATCH] smb3: Incorrect size for netname negotiate context

It is not null terminated (length was off by two).

Also see similar change to Samba:

https://gitlab.com/samba-team/samba/merge_requests/666

Reported-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Steve French <stfrench@microsoft.com> --- fs/cifs/smb2pdu.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 31e4a1b0b170..5cc2ab2f2ac5 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -503,8 +503,7 @@ build_netname_ctxt(struct smb2_netname_neg_context *pneg_ctxt, char *hostname) pneg_ctxt->ContextType = SMB2_NETNAME_NEGOTIATE_CONTEXT_ID; /* copy up to max of first 100 bytes of server name to NetName field */ - pneg_ctxt->DataLength = cpu_to_le16(2 + - (2 * cifs_strtoUTF16(pneg_ctxt->NetName, hostname, 100, cp))); + pneg_ctxt->DataLength = cpu_to_le16(2 * cifs_strtoUTF16(pneg_ctxt->NetName, hostname, 100, cp)); /* context size is DataLength + minimal smb2_neg_context */ return DIV_ROUND_UP(le16_to_cpu(pneg_ctxt->DataLength) + sizeof(struct smb2_neg_context), 8) * 8; -- 2.20.1 ^ permalink raw reply related [flat|nested] 3+ messages in thread
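Review bot: The new DataLength assignment in build_netname_ctxt() is a single line well over 80 columns; wrap it after "cpu_to_le16(2 *" the way the removed two-line form was wrapped. The comment above it still only says "copy up to max of first 100 bytes of server name", so it is worth stating there that NetName is sent without a null terminator and that DataLength covers the name only, otherwise a later reader may put the "2 +" back. The return value is still rounded up to a multiple of 8, so please confirm that the bytes between the end of the name and that boundary are zeroed now that the terminator no longer occupies two of them. The commit message also has no stable tag, although the report in this thread asked for a backport to stable releases.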
* Re: [MS-SMB2] 2.2.3.1.4 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
From: Stefan Metzmacher @ 2019-08-06 5:17 UTC
To: Steve French; +Cc: Steve French, linux-cifs, Samba Technical

On 06.08.19 at 00:11, Steve French wrote:
> How about this fix?

Looks good, if you have tested it :-)

metze

> On Fri, Jul 26, 2019 at 3:29 AM Stefan Metzmacher via samba-technical
> <samba-technical@lists.samba.org> wrote:
>>
>> Hi Steve,
>>
>> I just contacted dochelp for this and noticed (from reading the code)
>> that the kernel sends null-termination for the
>> SMB2_NETNAME_NEGOTIATE_CONTEXT_ID value.
>>
>> I think you should fix that and backport it to stable releases,
>> it would be good if all clients would implement it like windows.
>>
>> I implemented it for Samba here:
>> https://gitlab.com/samba-team/samba/merge_requests/666
>>
>> metze
>>
>> On 26.07.19 at 10:22, Stefan Metzmacher via cifs-protocol wrote:
>>> Hi DocHelp,
>>>
>>> I just noticed a documentation bug in
>>> [MS-SMB2] 2.2.3.1.4 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID:
>>>
>>>   NetName (variable): A null-terminated Unicode string containing the
>>>   server name and specified by the client application.
>>>
>>> Windows Server 1903 sends the name without null-termination, see the
>>> attached capture.
>>>
>>> metze
>>
>>
>
>
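The length difference discussed in this thread, as an added example that is not part of the original messages and is not kernel or Samba code: it builds a netname negotiate context with and without the terminator and shows a receiver-side check that tells the two encodings apart. The function names, the ASCII-only encoding and the host name are assumptions made for illustration; the context type 0x0005 and the 8-byte context header follow the MS-SMB2 negotiate context layout.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NETNAME_CTX_ID 0x0005u /* SMB2_NETNAME_NEGOTIATE_CONTEXT_ID */
#define NEG_CTX_HDR    8u      /* ContextType(2) + DataLength(2) + Reserved(4) */

static void put_le16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static uint16_t get_le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Hypothetical builder. Assumption: host is ASCII, so every character is one
 * UTF-16LE code unit. add_nul=1 reproduces the old "2 +" length.
 * Returns the 8-byte-aligned context size, or 0 if it does not fit. */
size_t build_netname_ctx(uint8_t *buf, size_t cap, const char *host, int add_nul)
{
    size_t n = strlen(host);
    size_t data_len = 2 * (n + (add_nul ? 1 : 0));
    size_t total = (NEG_CTX_HDR + data_len + 7) / 8 * 8;
    if (data_len > 0xffff || total > cap)
        return 0;
    memset(buf, 0, total);                  /* zero Reserved and padding */
    put_le16(buf, NETNAME_CTX_ID);
    put_le16(buf + 2, (uint16_t)data_len);
    for (size_t i = 0; i < n; i++)
        buf[NEG_CTX_HDR + 2 * i] = (uint8_t)host[i];
    return total;
}

/* Hypothetical check: 0 = no terminator inside DataLength (as Windows sends),
 * 1 = trailing UTF-16 NUL counted in DataLength,
 * -1 = malformed (wrong type, odd length, or length past the buffer). */
int netname_ctx_check(const uint8_t *buf, size_t len)
{
    if (len < NEG_CTX_HDR || get_le16(buf) != NETNAME_CTX_ID)
        return -1;
    uint16_t data_len = get_le16(buf + 2);
    if ((data_len & 1) || (size_t)data_len > len - NEG_CTX_HDR)
        return -1;
    if (data_len >= 2 && get_le16(buf + NEG_CTX_HDR + data_len - 2) == 0)
        return 1;
    return 0;
}

int main(void)
{
    uint8_t b[64];
    size_t n = build_netname_ctx(b, sizeof b, "srv1", 1); /* constructed name */
    printf("size=%zu check=%d\n", n, netname_ctx_check(b, n));
    return 0;
}
```

Because the context is padded to 8 bytes, the two extra bytes change the on-wire size only for some name lengths, so the DataLength field is the reliable place to see the difference.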