From 67b309cd39844e36ce2abf7abb363f7db5dbd528 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 19 Jun 2024 17:24:27 +0200 Subject: [PATCH] Revert "HACK smb2: force SMB2_DIALECT_311 SMB2_CIPHER_AES_128_GCM" This reverts commit 781a260b639e73fbed4bd184a652842a7a75cf8a. --- epan/dissectors/packet-smb2.c | 40 ---------------------------------------- 1 file changed, 40 deletions(-) diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c index 80533be93a..4f83d779b9 100644 --- a/epan/dissectors/packet-smb2.c +++ b/epan/dissectors/packet-smb2.c @@ -830,7 +830,6 @@ static expert_field ei_smb2_invalid_getinfo_offset; static expert_field ei_smb2_invalid_getinfo_size; static expert_field ei_smb2_empty_getinfo_buffer; static expert_field ei_smb2_invalid_signature; -static expert_field ei_smb2_ntlmssp_sessionkey; static int smb2_tap; static int smb2_eo_tap; @@ -3870,11 +3869,6 @@ static void smb2_generate_decryption_keys(smb2_conv_info_t *conv, smb2_sesid_inf if (!has_seskey || ses->session_key_len == 0) return; - if (conv->dialect < SMB2_DIALECT_202) { - conv->dialect = SMB2_DIALECT_311; - conv->enc_alg = SMB2_CIPHER_AES_128_GCM; - } - /* generate decryption keys */ if (conv->dialect <= SMB2_DIALECT_210) { if (!has_signkey) @@ -4033,22 +4027,6 @@ dissect_smb2_session_setup_request(tvbuff_t *tvb, packet_info *pinfo, proto_tree memcpy(si->session->session_key, ntlmssph->session_key, NTLMSSP_KEY_LEN); si->session->session_key_len = NTLMSSP_KEY_LEN; si->session->session_key_frame = pinfo->num; - expert_add_info_format(pinfo, tree, - &ei_smb2_ntlmssp_sessionkey, - "SMB2 NTLM sessionKey (" - "%02x%02x%02x%02x" - "%02x%02x%02x%02x" - "%02x%02x%02x%02x" - "%02x%02x%02x%02x" - ")", - si->session->session_key[0] & 0xFF, si->session->session_key[1] & 0xFF, - si->session->session_key[2] & 0xFF, si->session->session_key[3] & 0xFF, - si->session->session_key[4] & 0xFF, si->session->session_key[5] & 0xFF, - si->session->session_key[6] & 0xFF, si->session->session_key[7] & 0xFF, - si->session->session_key[8] & 0xFF, si->session->session_key[9] & 0xFF, - si->session->session_key[10] & 0xFF, si->session->session_key[11] & 0xFF, - si->session->session_key[12] & 0xFF, si->session->session_key[13] & 0xFF, - si->session->session_key[14] & 0xFF, si->session->session_key[15] & 0xFF); } si->session->auth_frame = pinfo->num; } @@ -4415,23 +4393,6 @@ dissect_smb2_session_setup_response(tvbuff_t *tvb, packet_info *pinfo, proto_tre /* * Session is established, we can generate the keys */ - expert_add_info_format(pinfo, tree, - &ei_smb2_ntlmssp_sessionkey, - "SMB2 dialect[0x%x] decryption base sessionKey (" - "%02x%02x%02x%02x" - "%02x%02x%02x%02x" - "%02x%02x%02x%02x" - "%02x%02x%02x%02x" - ")", - (unsigned)si->conv->dialect, - si->session->session_key[0] & 0xFF, si->session->session_key[1] & 0xFF, - si->session->session_key[2] & 0xFF, si->session->session_key[3] & 0xFF, - si->session->session_key[4] & 0xFF, si->session->session_key[5] & 0xFF, - si->session->session_key[6] & 0xFF, si->session->session_key[7] & 0xFF, - si->session->session_key[8] & 0xFF, si->session->session_key[9] & 0xFF, - si->session->session_key[10] & 0xFF, si->session->session_key[11] & 0xFF, - si->session->session_key[12] & 0xFF, si->session->session_key[13] & 0xFF, - si->session->session_key[14] & 0xFF, si->session->session_key[15] & 0xFF); smb2_generate_decryption_keys(si->conv, si->session); } @@ -15222,7 +15183,6 @@ proto_register_smb2(void) { &ei_smb2_invalid_getinfo_size, { "smb2.invalid_getinfo_size", PI_MALFORMED, PI_ERROR, "Input buffer length goes past the end of the message", EXPFILL }}, { &ei_smb2_empty_getinfo_buffer, { "smb2.empty_getinfo_buffer", PI_PROTOCOL, PI_WARN, "Input buffer length is empty for a quota request", EXPFILL }}, { &ei_smb2_invalid_signature, { "smb2.invalid_signature", PI_MALFORMED, PI_ERROR, "Invalid Signature", EXPFILL }}, - { &ei_smb2_ntlmssp_sessionkey, { "smb2.ntlmssp.sessionkey", PI_SECURITY, PI_CHAT, "NTLMSSP SessionKey", EXPFILL }}, }; expert_module_t* expert_smb2; -- 2.11.4.GIT