1 files changed, 4 insertions, 29 deletions
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 3af66aa18d3b..ebb97b484ab1 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -423,36 +423,11 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
        }
        cifs_dbg(FYI, "sec_flags 0x%x\n", sec_flags);
-        if ((sec_flags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) {
+        rc = cifs_enable_signing(server, sec_flags);
-                cifs_dbg(FYI, "Signing required\n");
-                if (!(server->sec_mode & (SMB2_NEGOTIATE_SIGNING_REQUIRED |
-                      SMB2_NEGOTIATE_SIGNING_ENABLED))) {
-                        cifs_dbg(VFS, "signing required but server lacks support\n");
-                        rc = -EOPNOTSUPP;
-                        goto neg_exit;
-                }
-                server->sec_mode |= SECMODE_SIGN_REQUIRED;
-        } else if (sec_flags & CIFSSEC_MAY_SIGN) {
-                cifs_dbg(FYI, "Signing optional\n");
-                if (server->sec_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
-                        cifs_dbg(FYI, "Server requires signing\n");
-                        server->sec_mode |= SECMODE_SIGN_REQUIRED;
-                } else {
-                        server->sec_mode &=
-                                ~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED);
-                }
-        } else {
-                cifs_dbg(FYI, "Signing disabled\n");
-                if (server->sec_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
-                        cifs_dbg(VFS, "Server requires packet signing to be enabled in /proc/fs/cifs/SecurityFlags\n");
-                        rc = -EOPNOTSUPP;
-                        goto neg_exit;
-                }
-                server->sec_mode &=
-                        ~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED);
-        }
 #ifdef CONFIG_SMB2_ASN1  /* BB REMOVEME when updated asn1.c ready */
+        if (rc)
+                goto neg_exit;
        rc = decode_neg_token_init(security_blob, blob_length,
                                   &server->sec_type);
        if (rc == 1)

diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 3af66aa18d3b..ebb97b484ab1 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c
@@ -423,36 +423,11 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
423	}	423	}
424		424
425	cifs_dbg(FYI, "sec_flags 0x%x\n", sec_flags);	425	cifs_dbg(FYI, "sec_flags 0x%x\n", sec_flags);
426	if ((sec_flags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) {	426	rc = cifs_enable_signing(server, sec_flags);
427	cifs_dbg(FYI, "Signing required\n");
428	if (!(server->sec_mode & (SMB2_NEGOTIATE_SIGNING_REQUIRED \|
429	SMB2_NEGOTIATE_SIGNING_ENABLED))) {
430	cifs_dbg(VFS, "signing required but server lacks support\n");
431	rc = -EOPNOTSUPP;
432	goto neg_exit;
433	}
434	server->sec_mode \|= SECMODE_SIGN_REQUIRED;
435	} else if (sec_flags & CIFSSEC_MAY_SIGN) {
436	cifs_dbg(FYI, "Signing optional\n");
437	if (server->sec_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
438	cifs_dbg(FYI, "Server requires signing\n");
439	server->sec_mode \|= SECMODE_SIGN_REQUIRED;
440	} else {
441	server->sec_mode &=
442	~(SECMODE_SIGN_ENABLED \| SECMODE_SIGN_REQUIRED);
443	}
444	} else {
445	cifs_dbg(FYI, "Signing disabled\n");
446	if (server->sec_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
447	cifs_dbg(VFS, "Server requires packet signing to be enabled in /proc/fs/cifs/SecurityFlags\n");
448	rc = -EOPNOTSUPP;
449	goto neg_exit;
450	}
451	server->sec_mode &=
452	~(SECMODE_SIGN_ENABLED \| SECMODE_SIGN_REQUIRED);
453	}
454
455	#ifdef CONFIG_SMB2_ASN1 /* BB REMOVEME when updated asn1.c ready */	427	#ifdef CONFIG_SMB2_ASN1 /* BB REMOVEME when updated asn1.c ready */
		428	if (rc)
		429	goto neg_exit;
		430
456	rc = decode_neg_token_init(security_blob, blob_length,	431	rc = decode_neg_token_init(security_blob, blob_length,
457	&server->sec_type);	432	&server->sec_type);
458	if (rc == 1)	433	if (rc == 1)