diff options
Diffstat (limited to 'fs/cifs/cifsencrypt.c')
| -rw-r--r-- | fs/cifs/cifsencrypt.c | 53 |
1 files changed, 29 insertions, 24 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index ef95a272f73..f856732161a 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c | |||
| @@ -328,15 +328,15 @@ build_avpair_blob(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
| 328 | * two times the unicode length of a server name + | 328 | * two times the unicode length of a server name + |
| 329 | * size of a timestamp (which is 8 bytes). | 329 | * size of a timestamp (which is 8 bytes). |
| 330 | */ | 330 | */ |
| 331 | ses->tilen = size + 2 * (2 * dlen) + 2 * (2 * wlen) + 8; | 331 | ses->auth_key.len = size + 2 * (2 * dlen) + 2 * (2 * wlen) + 8; |
| 332 | ses->tiblob = kzalloc(ses->tilen, GFP_KERNEL); | 332 | ses->auth_key.response = kzalloc(ses->auth_key.len, GFP_KERNEL); |
| 333 | if (!ses->tiblob) { | 333 | if (!ses->auth_key.response) { |
| 334 | ses->tilen = 0; | 334 | ses->auth_key.len = 0; |
| 335 | cERROR(1, "Challenge target info allocation failure"); | 335 | cERROR(1, "Challenge target info allocation failure"); |
| 336 | return -ENOMEM; | 336 | return -ENOMEM; |
| 337 | } | 337 | } |
| 338 | 338 | ||
| 339 | blobptr = ses->tiblob; | 339 | blobptr = ses->auth_key.response; |
| 340 | attrptr = (struct ntlmssp2_name *) blobptr; | 340 | attrptr = (struct ntlmssp2_name *) blobptr; |
| 341 | 341 | ||
| 342 | attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME); | 342 | attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME); |
| @@ -400,11 +400,11 @@ find_domain_name(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
| 400 | unsigned char *blobend; | 400 | unsigned char *blobend; |
| 401 | struct ntlmssp2_name *attrptr; | 401 | struct ntlmssp2_name *attrptr; |
| 402 | 402 | ||
| 403 | if (!ses->tilen || !ses->tiblob) | 403 | if (!ses->auth_key.len || !ses->auth_key.response) |
| 404 | return 0; | 404 | return 0; |
| 405 | 405 | ||
| 406 | blobptr = ses->tiblob; | 406 | blobptr = ses->auth_key.response; |
| 407 | blobend = ses->tiblob + ses->tilen; | 407 | blobend = blobptr + ses->auth_key.len; |
| 408 | 408 | ||
| 409 | while (blobptr + onesize < blobend) { | 409 | while (blobptr + onesize < blobend) { |
| 410 | attrptr = (struct ntlmssp2_name *) blobptr; | 410 | attrptr = (struct ntlmssp2_name *) blobptr; |
| @@ -436,7 +436,7 @@ find_domain_name(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
| 436 | return 0; | 436 | return 0; |
| 437 | } | 437 | } |
| 438 | 438 | ||
| 439 | static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | 439 | static int calc_ntlmv2_hash(struct cifsSesInfo *ses, char *ntlmv2_hash, |
| 440 | const struct nls_table *nls_cp) | 440 | const struct nls_table *nls_cp) |
| 441 | { | 441 | { |
| 442 | int rc = 0; | 442 | int rc = 0; |
| @@ -509,7 +509,7 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | |||
| 509 | } | 509 | } |
| 510 | 510 | ||
| 511 | rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash, | 511 | rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash, |
| 512 | ses->ntlmv2_hash); | 512 | ntlmv2_hash); |
| 513 | 513 | ||
| 514 | calc_exit_1: | 514 | calc_exit_1: |
| 515 | kfree(user); | 515 | kfree(user); |
| @@ -518,7 +518,7 @@ calc_exit_2: | |||
| 518 | } | 518 | } |
| 519 | 519 | ||
| 520 | static int | 520 | static int |
| 521 | CalcNTLMv2_response(const struct cifsSesInfo *ses) | 521 | CalcNTLMv2_response(const struct cifsSesInfo *ses, char *ntlmv2_hash) |
| 522 | { | 522 | { |
| 523 | int rc; | 523 | int rc; |
| 524 | unsigned int offset = CIFS_SESS_KEY_SIZE + 8; | 524 | unsigned int offset = CIFS_SESS_KEY_SIZE + 8; |
| @@ -529,7 +529,7 @@ CalcNTLMv2_response(const struct cifsSesInfo *ses) | |||
| 529 | } | 529 | } |
| 530 | 530 | ||
| 531 | crypto_shash_setkey(ses->server->secmech.hmacmd5, | 531 | crypto_shash_setkey(ses->server->secmech.hmacmd5, |
| 532 | ses->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); | 532 | ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); |
| 533 | 533 | ||
| 534 | rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); | 534 | rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); |
| 535 | if (rc) { | 535 | if (rc) { |
| @@ -539,7 +539,7 @@ CalcNTLMv2_response(const struct cifsSesInfo *ses) | |||
| 539 | 539 | ||
| 540 | if (ses->server->secType == RawNTLMSSP) | 540 | if (ses->server->secType == RawNTLMSSP) |
| 541 | memcpy(ses->auth_key.response + offset, | 541 | memcpy(ses->auth_key.response + offset, |
| 542 | ses->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); | 542 | ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); |
| 543 | else | 543 | else |
| 544 | memcpy(ses->auth_key.response + offset, | 544 | memcpy(ses->auth_key.response + offset, |
| 545 | ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); | 545 | ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); |
| @@ -558,7 +558,10 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
| 558 | { | 558 | { |
| 559 | int rc; | 559 | int rc; |
| 560 | int baselen; | 560 | int baselen; |
| 561 | unsigned int tilen; | ||
| 561 | struct ntlmv2_resp *buf; | 562 | struct ntlmv2_resp *buf; |
| 563 | char ntlmv2_hash[16]; | ||
| 564 | unsigned char *tiblob = NULL; /* target info blob */ | ||
| 562 | 565 | ||
| 563 | if (ses->server->secType == RawNTLMSSP) { | 566 | if (ses->server->secType == RawNTLMSSP) { |
| 564 | if (!ses->domainName) { | 567 | if (!ses->domainName) { |
| @@ -572,18 +575,22 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
| 572 | rc = build_avpair_blob(ses, nls_cp); | 575 | rc = build_avpair_blob(ses, nls_cp); |
| 573 | if (rc) { | 576 | if (rc) { |
| 574 | cERROR(1, "error %d building av pair blob", rc); | 577 | cERROR(1, "error %d building av pair blob", rc); |
| 575 | return rc; | 578 | goto setup_ntlmv2_rsp_ret; |
| 576 | } | 579 | } |
| 577 | } | 580 | } |
| 578 | 581 | ||
| 579 | baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp); | 582 | baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp); |
| 580 | ses->auth_key.len = baselen + ses->tilen; | 583 | tilen = ses->auth_key.len; |
| 581 | ses->auth_key.response = kmalloc(ses->auth_key.len, GFP_KERNEL); | 584 | tiblob = ses->auth_key.response; |
| 585 | |||
| 586 | ses->auth_key.response = kmalloc(baselen + tilen, GFP_KERNEL); | ||
| 582 | if (!ses->auth_key.response) { | 587 | if (!ses->auth_key.response) { |
| 583 | rc = ENOMEM; | 588 | rc = ENOMEM; |
| 589 | ses->auth_key.len = 0; | ||
| 584 | cERROR(1, "%s: Can't allocate auth blob", __func__); | 590 | cERROR(1, "%s: Can't allocate auth blob", __func__); |
| 585 | goto setup_ntlmv2_rsp_ret; | 591 | goto setup_ntlmv2_rsp_ret; |
| 586 | } | 592 | } |
| 593 | ses->auth_key.len += baselen; | ||
| 587 | 594 | ||
| 588 | buf = (struct ntlmv2_resp *) | 595 | buf = (struct ntlmv2_resp *) |
| 589 | (ses->auth_key.response + CIFS_SESS_KEY_SIZE); | 596 | (ses->auth_key.response + CIFS_SESS_KEY_SIZE); |
| @@ -593,17 +600,17 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
| 593 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); | 600 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); |
| 594 | buf->reserved2 = 0; | 601 | buf->reserved2 = 0; |
| 595 | 602 | ||
| 596 | memcpy(ses->auth_key.response + baselen, ses->tiblob, ses->tilen); | 603 | memcpy(ses->auth_key.response + baselen, tiblob, tilen); |
| 597 | 604 | ||
| 598 | /* calculate ntlmv2_hash */ | 605 | /* calculate ntlmv2_hash */ |
| 599 | rc = calc_ntlmv2_hash(ses, nls_cp); | 606 | rc = calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp); |
| 600 | if (rc) { | 607 | if (rc) { |
| 601 | cERROR(1, "could not get v2 hash rc %d", rc); | 608 | cERROR(1, "could not get v2 hash rc %d", rc); |
| 602 | goto setup_ntlmv2_rsp_ret; | 609 | goto setup_ntlmv2_rsp_ret; |
| 603 | } | 610 | } |
| 604 | 611 | ||
| 605 | /* calculate first part of the client response (CR1) */ | 612 | /* calculate first part of the client response (CR1) */ |
| 606 | rc = CalcNTLMv2_response(ses); | 613 | rc = CalcNTLMv2_response(ses, ntlmv2_hash); |
| 607 | if (rc) { | 614 | if (rc) { |
| 608 | cERROR(1, "Could not calculate CR1 rc: %d", rc); | 615 | cERROR(1, "Could not calculate CR1 rc: %d", rc); |
| 609 | goto setup_ntlmv2_rsp_ret; | 616 | goto setup_ntlmv2_rsp_ret; |
| @@ -611,7 +618,7 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
| 611 | 618 | ||
| 612 | /* now calculate the session key for NTLMv2 */ | 619 | /* now calculate the session key for NTLMv2 */ |
| 613 | crypto_shash_setkey(ses->server->secmech.hmacmd5, | 620 | crypto_shash_setkey(ses->server->secmech.hmacmd5, |
| 614 | ses->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); | 621 | ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); |
| 615 | 622 | ||
| 616 | rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); | 623 | rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); |
| 617 | if (rc) { | 624 | if (rc) { |
| @@ -627,9 +634,7 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
| 627 | ses->auth_key.response); | 634 | ses->auth_key.response); |
| 628 | 635 | ||
| 629 | setup_ntlmv2_rsp_ret: | 636 | setup_ntlmv2_rsp_ret: |
| 630 | kfree(ses->tiblob); | 637 | kfree(tiblob); |
| 631 | ses->tiblob = NULL; | ||
| 632 | ses->tilen = 0; | ||
| 633 | 638 | ||
| 634 | return rc; | 639 | return rc; |
| 635 | } | 640 | } |
| @@ -657,7 +662,7 @@ calc_seckey(struct cifsSesInfo *ses) | |||
| 657 | CIFS_SESS_KEY_SIZE); | 662 | CIFS_SESS_KEY_SIZE); |
| 658 | 663 | ||
| 659 | sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); | 664 | sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); |
| 660 | sg_init_one(&sgout, ses->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE); | 665 | sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); |
| 661 | 666 | ||
| 662 | rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE); | 667 | rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE); |
| 663 | if (rc) { | 668 | if (rc) { |