Project

General

Profile

Actions

Bug #15033

open

SMB 3.1.1: More robust handling of extra algorithms in negotiation contexts

Added by Matt Barden 2 months ago. Updated 2 months ago.

Status:
In Progress
Priority:
Normal
Assignee:
Category:
smb - SMB server and client
Start date:
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
External Bug:

Description

#14046 fixed a bug where Windows 11 (and anyone else that supported AES-256 ciphers) would be unable to connect to the server if it supported SMB 3.1.1. This was due to the code handling the encryption cipher negotiation context containing a hard limit on the number of algorithms it expects to see in the context.

That fix only 'kicked the can down the road', by increasing the expected number of algorithms to the current maximum. That means that if more algorithms are ever added, the bug will be re-introduced.

The server should use a soft limit instead; it should scan up to the set maximum number of algorithms for one we support. This way, if more algorithms are defined, negotiation can still succeed, so long as one recognized algorithm is in the scanned list. We can also set the maximum above the number of algorithms currently specified, to give us some flexibility in that regard.

Actions #1

Updated by Electric Monk 2 months ago

  • Gerrit CR set to 2412
Actions

Also available in: Atom PDF