@@ -318,6 +318,23 @@ free_rsp_buf(int resp_buftype, void *rsp)
cifs_buf_release(rsp);
}
+/* convert smb2 sec mode to older form so can be used for both smb2 and cifs */
+static __u16
+convert_sec_mode(__u16 smb2_sec_mode)
+{
+ u16 sec_mode = 0;
+
+ if ((smb2_sec_mode & SMB2_SEC_MODE_MASK) != smb2_sec_mode)
+ cifs_dbg(VFS, "srv ret unknown sec_mode 0x%x\n", smb2_sec_mode);
+
+ if (smb2_sec_mode & SMB2_NEGOTIATE_SIGNING_ENABLED)
+ sec_mode |= SECMODE_SIGN_ENABLED;
+
+ if (smb2_sec_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED)
+ sec_mode |= SECMODE_SIGN_REQUIRED;
+
+ return sec_mode;
+}
/*
*
@@ -416,8 +433,7 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
server->maxBuf = le32_to_cpu(rsp->MaxTransactSize);
server->max_read = le32_to_cpu(rsp->MaxReadSize);
server->max_write = le32_to_cpu(rsp->MaxWriteSize);
- /* BB Do we need to validate the SecurityMode? */
- server->sec_mode = le16_to_cpu(rsp->SecurityMode);
+ server->sec_mode = convert_sec_mode(le16_to_cpu(rsp->SecurityMode));
server->capabilities = le32_to_cpu(rsp->Capabilities);
/* Internal types */
server->capabilities |= SMB2_NT_FIND | SMB2_LARGE_FILES;
@@ -176,6 +176,7 @@ struct smb2_negotiate_req {
/* SecurityMode flags */
#define SMB2_NEGOTIATE_SIGNING_ENABLED 0x0001
#define SMB2_NEGOTIATE_SIGNING_REQUIRED 0x0002
+#define SMB2_SEC_MODE_MASK 0x0003
/* Capabilities flags */
#define SMB2_GLOBAL_CAP_DFS 0x00000001
#define SMB2_GLOBAL_CAP_LEASING 0x00000002 /* Resp only New to SMB2.1 */