1 files changed, 11 insertions, 7 deletions
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index c0d102615d0a..f9b74daf962a 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -416,18 +416,22 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
        security_blob = smb2_get_data_area_len(&blob_offset, &blob_length,
                                               &rsp->hdr);
-        if (blob_length == 0) {
+        /*
-                cifs_dbg(VFS, "missing security blob on negprot\n");
+         * See MS-SMB2 section 2.2.4: if no blob, client picks default which
-                rc = -EIO;
+         * for us will be
-                goto neg_exit;
+         *      ses->sectype = RawNTLMSSP;
-        }
+         * but for time being this is our only auth choice so doesn't matter.
+         * We just found a server which sets blob length to zero expecting raw.
+         */
+        if (blob_length == 0)
+                cifs_dbg(FYI, "missing security blob on negprot\n");
        rc = cifs_enable_signing(server, ses->sign);
 #ifdef CONFIG_SMB2_ASN1  /* BB REMOVEME when updated asn1.c ready */
        if (rc)
                goto neg_exit;
+        if (blob_length)
-        rc = decode_neg_token_init(security_blob, blob_length,
+                rc = decode_neg_token_init(security_blob, blob_length,
                                   &server->sec_type);
        if (rc == 1)
                rc = 0;

diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index c0d102615d0a..f9b74daf962a 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c
@@ -416,18 +416,22 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
416		416
417	security_blob = smb2_get_data_area_len(&blob_offset, &blob_length,	417	security_blob = smb2_get_data_area_len(&blob_offset, &blob_length,
418	&rsp->hdr);	418	&rsp->hdr);
419	if (blob_length == 0) {	419	/*
420	cifs_dbg(VFS, "missing security blob on negprot\n");	420	* See MS-SMB2 section 2.2.4: if no blob, client picks default which
421	rc = -EIO;	421	* for us will be
422	goto neg_exit;	422	* ses->sectype = RawNTLMSSP;
423	}	423	* but for time being this is our only auth choice so doesn't matter.
		424	* We just found a server which sets blob length to zero expecting raw.
		425	*/
		426	if (blob_length == 0)
		427	cifs_dbg(FYI, "missing security blob on negprot\n");
424		428
425	rc = cifs_enable_signing(server, ses->sign);	429	rc = cifs_enable_signing(server, ses->sign);
426	#ifdef CONFIG_SMB2_ASN1 /* BB REMOVEME when updated asn1.c ready */	430	#ifdef CONFIG_SMB2_ASN1 /* BB REMOVEME when updated asn1.c ready */
427	if (rc)	431	if (rc)
428	goto neg_exit;	432	goto neg_exit;
429		433	if (blob_length)
430	rc = decode_neg_token_init(security_blob, blob_length,	434	rc = decode_neg_token_init(security_blob, blob_length,
431	&server->sec_type);	435	&server->sec_type);
432	if (rc == 1)	436	if (rc == 1)
433	rc = 0;	437	rc = 0;