aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2010-07-06 20:43:02 -0400
committerSteve French <sfrench@us.ibm.com>2010-08-02 08:40:35 -0400
commit4ff67b720c02c36e54d55b88c2931879b7db1cd2 (patch)
tree2a69a278edb4d80a9fb0760d188629fb6e8371fb /fs
parentdaf5b0b6f3f6d7b15c2600426cc6c60a0e155218 (diff)
cifs: clean up cifs_find_smb_ses (try #2)
This patch replaces the earlier patch by the same name. The only difference is that MAX_PASSWORD_SIZE has been increased to attempt to match the limits that windows enforces. Do a better job of matching sessions by authtype. Matching by username for a Kerberos session is incorrect, and anonymous sessions need special handling. Also, in the case where we do match by username, we also need to match by password. That ensures that someone else doesn't "borrow" an existing session without needing to know the password. Finally, passwords can be longer than 16 bytes. Bump MAX_PASSWORD_SIZE to 512 to match the size that the userspace mount helper allows. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs')
-rw-r--r--fs/cifs/cifsglob.h2
-rw-r--r--fs/cifs/connect.c26
2 files changed, 19 insertions, 9 deletions
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 8fb1d10b874..7b91cb4f0da 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -37,7 +37,7 @@
37#define MAX_SHARE_SIZE 64 /* used to be 20, this should still be enough */ 37#define MAX_SHARE_SIZE 64 /* used to be 20, this should still be enough */
38#define MAX_USERNAME_SIZE 32 /* 32 is to allow for 15 char names + null 38#define MAX_USERNAME_SIZE 32 /* 32 is to allow for 15 char names + null
39 termination then *2 for unicode versions */ 39 termination then *2 for unicode versions */
40#define MAX_PASSWORD_SIZE 16 40#define MAX_PASSWORD_SIZE 512 /* max for windows seems to be 256 wide chars */
41 41
42#define CIFS_MIN_RCV_POOL 4 42#define CIFS_MIN_RCV_POOL 4
43 43
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index b24e4cea4e3..b2063ce113e 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1644,17 +1644,27 @@ out_err:
1644} 1644}
1645 1645
1646static struct cifsSesInfo * 1646static struct cifsSesInfo *
1647cifs_find_smb_ses(struct TCP_Server_Info *server, char *username) 1647cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1648{ 1648{
1649 struct list_head *tmp;
1650 struct cifsSesInfo *ses; 1649 struct cifsSesInfo *ses;
1651 1650
1652 write_lock(&cifs_tcp_ses_lock); 1651 write_lock(&cifs_tcp_ses_lock);
1653 list_for_each(tmp, &server->smb_ses_list) { 1652 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
1654 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list); 1653 switch (server->secType) {
1655 if (strncmp(ses->userName, username, MAX_USERNAME_SIZE)) 1654 case Kerberos:
1656 continue; 1655 if (vol->linux_uid != ses->linux_uid)
1657 1656 continue;
1657 break;
1658 default:
1659 /* anything else takes username/password */
1660 if (strncmp(ses->userName, vol->username,
1661 MAX_USERNAME_SIZE))
1662 continue;
1663 if (strlen(vol->username) != 0 &&
1664 strncmp(ses->password, vol->password,
1665 MAX_PASSWORD_SIZE))
1666 continue;
1667 }
1658 ++ses->ses_count; 1668 ++ses->ses_count;
1659 write_unlock(&cifs_tcp_ses_lock); 1669 write_unlock(&cifs_tcp_ses_lock);
1660 return ses; 1670 return ses;
@@ -1696,7 +1706,7 @@ cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
1696 1706
1697 xid = GetXid(); 1707 xid = GetXid();
1698 1708
1699 ses = cifs_find_smb_ses(server, volume_info->username); 1709 ses = cifs_find_smb_ses(server, volume_info);
1700 if (ses) { 1710 if (ses) {
1701 cFYI(1, "Existing smb sess found (status=%d)", ses->status); 1711 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
1702 1712