diff options
| author | Pavel Shilovsky <pshilov@microsoft.com> | 2016-11-07 21:20:50 -0500 |
|---|---|---|
| committer | Steve French <smfrench@gmail.com> | 2017-02-01 17:46:36 -0500 |
| commit | cabfb3680f78981d26c078a26e5c748531257ebb (patch) | |
| tree | 583b74b9c79e8787c5e8179c0b2341fa0cd6c389 /fs/cifs/sess.c | |
| parent | 7fb8986e7449d0a5cebd84d059927afa423fbf85 (diff) | |
CIFS: Enable encryption during session setup phase
In order to allow encryption on SMB connection we need to exchange
a session key and generate encryption and decryption keys.
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Diffstat (limited to 'fs/cifs/sess.c')
| -rw-r--r-- | fs/cifs/sess.c | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index a1118e30e7c7..dcbcc927399a 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c | |||
| @@ -344,13 +344,12 @@ void build_ntlmssp_negotiate_blob(unsigned char *pbuffer, | |||
| 344 | /* BB is NTLMV2 session security format easier to use here? */ | 344 | /* BB is NTLMV2 session security format easier to use here? */ |
| 345 | flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | | 345 | flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | |
| 346 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | | 346 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | |
| 347 | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC; | 347 | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC | |
| 348 | if (ses->server->sign) { | 348 | NTLMSSP_NEGOTIATE_SEAL; |
| 349 | if (ses->server->sign) | ||
| 349 | flags |= NTLMSSP_NEGOTIATE_SIGN; | 350 | flags |= NTLMSSP_NEGOTIATE_SIGN; |
| 350 | if (!ses->server->session_estab || | 351 | if (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess) |
| 351 | ses->ntlmssp->sesskey_per_smbsess) | 352 | flags |= NTLMSSP_NEGOTIATE_KEY_XCH; |
| 352 | flags |= NTLMSSP_NEGOTIATE_KEY_XCH; | ||
| 353 | } | ||
| 354 | 353 | ||
| 355 | sec_blob->NegotiateFlags = cpu_to_le32(flags); | 354 | sec_blob->NegotiateFlags = cpu_to_le32(flags); |
| 356 | 355 | ||
| @@ -407,13 +406,12 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer, | |||
| 407 | flags = NTLMSSP_NEGOTIATE_56 | | 406 | flags = NTLMSSP_NEGOTIATE_56 | |
| 408 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_TARGET_INFO | | 407 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_TARGET_INFO | |
| 409 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | | 408 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | |
| 410 | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC; | 409 | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC | |
| 411 | if (ses->server->sign) { | 410 | NTLMSSP_NEGOTIATE_SEAL; |
| 411 | if (ses->server->sign) | ||
| 412 | flags |= NTLMSSP_NEGOTIATE_SIGN; | 412 | flags |= NTLMSSP_NEGOTIATE_SIGN; |
| 413 | if (!ses->server->session_estab || | 413 | if (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess) |
| 414 | ses->ntlmssp->sesskey_per_smbsess) | 414 | flags |= NTLMSSP_NEGOTIATE_KEY_XCH; |
| 415 | flags |= NTLMSSP_NEGOTIATE_KEY_XCH; | ||
| 416 | } | ||
| 417 | 415 | ||
| 418 | tmp = *pbuffer + sizeof(AUTHENTICATE_MESSAGE); | 416 | tmp = *pbuffer + sizeof(AUTHENTICATE_MESSAGE); |
| 419 | sec_blob->NegotiateFlags = cpu_to_le32(flags); | 417 | sec_blob->NegotiateFlags = cpu_to_le32(flags); |