diff options
Diffstat (limited to 'fs/cifs/sess.c')
-rw-r--r-- | fs/cifs/sess.c | 135 |
1 files changed, 62 insertions, 73 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 7b01d3f6eed..eb746486e49 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c | |||
@@ -420,7 +420,6 @@ static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, | |||
420 | return 0; | 420 | return 0; |
421 | } | 421 | } |
422 | 422 | ||
423 | #ifdef CONFIG_CIFS_EXPERIMENTAL | ||
424 | /* BB Move to ntlmssp.c eventually */ | 423 | /* BB Move to ntlmssp.c eventually */ |
425 | 424 | ||
426 | /* We do not malloc the blob, it is passed in pbuffer, because | 425 | /* We do not malloc the blob, it is passed in pbuffer, because |
@@ -431,13 +430,14 @@ static void build_ntlmssp_negotiate_blob(unsigned char *pbuffer, | |||
431 | NEGOTIATE_MESSAGE *sec_blob = (NEGOTIATE_MESSAGE *)pbuffer; | 430 | NEGOTIATE_MESSAGE *sec_blob = (NEGOTIATE_MESSAGE *)pbuffer; |
432 | __u32 flags; | 431 | __u32 flags; |
433 | 432 | ||
433 | memset(pbuffer, 0, sizeof(NEGOTIATE_MESSAGE)); | ||
434 | memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8); | 434 | memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8); |
435 | sec_blob->MessageType = NtLmNegotiate; | 435 | sec_blob->MessageType = NtLmNegotiate; |
436 | 436 | ||
437 | /* BB is NTLMV2 session security format easier to use here? */ | 437 | /* BB is NTLMV2 session security format easier to use here? */ |
438 | flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | | 438 | flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | |
439 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | | 439 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | |
440 | NTLMSSP_NEGOTIATE_NTLM; | 440 | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC; |
441 | if (ses->server->secMode & | 441 | if (ses->server->secMode & |
442 | (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) { | 442 | (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) { |
443 | flags |= NTLMSSP_NEGOTIATE_SIGN; | 443 | flags |= NTLMSSP_NEGOTIATE_SIGN; |
@@ -446,7 +446,7 @@ static void build_ntlmssp_negotiate_blob(unsigned char *pbuffer, | |||
446 | NTLMSSP_NEGOTIATE_EXTENDED_SEC; | 446 | NTLMSSP_NEGOTIATE_EXTENDED_SEC; |
447 | } | 447 | } |
448 | 448 | ||
449 | sec_blob->NegotiateFlags |= cpu_to_le32(flags); | 449 | sec_blob->NegotiateFlags = cpu_to_le32(flags); |
450 | 450 | ||
451 | sec_blob->WorkstationName.BufferOffset = 0; | 451 | sec_blob->WorkstationName.BufferOffset = 0; |
452 | sec_blob->WorkstationName.Length = 0; | 452 | sec_blob->WorkstationName.Length = 0; |
@@ -477,7 +477,7 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer, | |||
477 | flags = NTLMSSP_NEGOTIATE_56 | | 477 | flags = NTLMSSP_NEGOTIATE_56 | |
478 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_TARGET_INFO | | 478 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_TARGET_INFO | |
479 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | | 479 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | |
480 | NTLMSSP_NEGOTIATE_NTLM; | 480 | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC; |
481 | if (ses->server->secMode & | 481 | if (ses->server->secMode & |
482 | (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) | 482 | (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) |
483 | flags |= NTLMSSP_NEGOTIATE_SIGN; | 483 | flags |= NTLMSSP_NEGOTIATE_SIGN; |
@@ -485,7 +485,7 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer, | |||
485 | flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; | 485 | flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; |
486 | 486 | ||
487 | tmp = pbuffer + sizeof(AUTHENTICATE_MESSAGE); | 487 | tmp = pbuffer + sizeof(AUTHENTICATE_MESSAGE); |
488 | sec_blob->NegotiateFlags |= cpu_to_le32(flags); | 488 | sec_blob->NegotiateFlags = cpu_to_le32(flags); |
489 | 489 | ||
490 | sec_blob->LmChallengeResponse.BufferOffset = | 490 | sec_blob->LmChallengeResponse.BufferOffset = |
491 | cpu_to_le32(sizeof(AUTHENTICATE_MESSAGE)); | 491 | cpu_to_le32(sizeof(AUTHENTICATE_MESSAGE)); |
@@ -544,8 +544,9 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer, | |||
544 | sec_blob->WorkstationName.MaximumLength = 0; | 544 | sec_blob->WorkstationName.MaximumLength = 0; |
545 | tmp += 2; | 545 | tmp += 2; |
546 | 546 | ||
547 | if ((ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) && | 547 | if (((ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) || |
548 | !calc_seckey(ses)) { | 548 | (ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_EXTENDED_SEC)) |
549 | && !calc_seckey(ses)) { | ||
549 | memcpy(tmp, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); | 550 | memcpy(tmp, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); |
550 | sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer); | 551 | sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer); |
551 | sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE); | 552 | sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE); |
@@ -563,17 +564,6 @@ setup_ntlmv2_ret: | |||
563 | return rc; | 564 | return rc; |
564 | } | 565 | } |
565 | 566 | ||
566 | |||
567 | static void setup_ntlmssp_neg_req(SESSION_SETUP_ANDX *pSMB, | ||
568 | struct cifsSesInfo *ses) | ||
569 | { | ||
570 | build_ntlmssp_negotiate_blob(&pSMB->req.SecurityBlob[0], ses); | ||
571 | pSMB->req.SecurityBlobLength = cpu_to_le16(sizeof(NEGOTIATE_MESSAGE)); | ||
572 | |||
573 | return; | ||
574 | } | ||
575 | #endif | ||
576 | |||
577 | int | 567 | int |
578 | CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, | 568 | CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, |
579 | const struct nls_table *nls_cp) | 569 | const struct nls_table *nls_cp) |
@@ -814,71 +804,70 @@ ssetup_ntlmssp_authenticate: | |||
814 | rc = -ENOSYS; | 804 | rc = -ENOSYS; |
815 | goto ssetup_exit; | 805 | goto ssetup_exit; |
816 | #endif /* CONFIG_CIFS_UPCALL */ | 806 | #endif /* CONFIG_CIFS_UPCALL */ |
817 | } else { | 807 | } else if (type == RawNTLMSSP) { |
818 | #ifdef CONFIG_CIFS_EXPERIMENTAL | 808 | if ((pSMB->req.hdr.Flags2 & SMBFLG2_UNICODE) == 0) { |
819 | if (type == RawNTLMSSP) { | 809 | cERROR(1, "NTLMSSP requires Unicode support"); |
820 | if ((pSMB->req.hdr.Flags2 & SMBFLG2_UNICODE) == 0) { | 810 | rc = -ENOSYS; |
821 | cERROR(1, "NTLMSSP requires Unicode support"); | 811 | goto ssetup_exit; |
822 | rc = -ENOSYS; | 812 | } |
813 | |||
814 | cFYI(1, "ntlmssp session setup phase %d", phase); | ||
815 | pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC; | ||
816 | capabilities |= CAP_EXTENDED_SECURITY; | ||
817 | pSMB->req.Capabilities |= cpu_to_le32(capabilities); | ||
818 | switch(phase) { | ||
819 | case NtLmNegotiate: | ||
820 | build_ntlmssp_negotiate_blob( | ||
821 | pSMB->req.SecurityBlob, ses); | ||
822 | iov[1].iov_len = sizeof(NEGOTIATE_MESSAGE); | ||
823 | iov[1].iov_base = pSMB->req.SecurityBlob; | ||
824 | pSMB->req.SecurityBlobLength = | ||
825 | cpu_to_le16(sizeof(NEGOTIATE_MESSAGE)); | ||
826 | break; | ||
827 | case NtLmAuthenticate: | ||
828 | /* | ||
829 | * 5 is an empirical value, large enough to hold | ||
830 | * authenticate message plus max 10 of av paris, | ||
831 | * domain, user, workstation names, flags, etc. | ||
832 | */ | ||
833 | ntlmsspblob = kzalloc( | ||
834 | 5*sizeof(struct _AUTHENTICATE_MESSAGE), | ||
835 | GFP_KERNEL); | ||
836 | if (!ntlmsspblob) { | ||
837 | cERROR(1, "Can't allocate NTLMSSP blob"); | ||
838 | rc = -ENOMEM; | ||
823 | goto ssetup_exit; | 839 | goto ssetup_exit; |
824 | } | 840 | } |
825 | 841 | ||
826 | cFYI(1, "ntlmssp session setup phase %d", phase); | 842 | rc = build_ntlmssp_auth_blob(ntlmsspblob, |
827 | pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC; | 843 | &blob_len, ses, nls_cp); |
828 | capabilities |= CAP_EXTENDED_SECURITY; | 844 | if (rc) |
829 | pSMB->req.Capabilities |= cpu_to_le32(capabilities); | ||
830 | if (phase == NtLmNegotiate) { | ||
831 | setup_ntlmssp_neg_req(pSMB, ses); | ||
832 | iov[1].iov_len = sizeof(NEGOTIATE_MESSAGE); | ||
833 | iov[1].iov_base = &pSMB->req.SecurityBlob[0]; | ||
834 | } else if (phase == NtLmAuthenticate) { | ||
835 | /* 5 is an empirical value, large enought to | ||
836 | * hold authenticate message, max 10 of | ||
837 | * av paris, doamin,user,workstation mames, | ||
838 | * flags etc.. | ||
839 | */ | ||
840 | ntlmsspblob = kmalloc( | ||
841 | 5*sizeof(struct _AUTHENTICATE_MESSAGE), | ||
842 | GFP_KERNEL); | ||
843 | if (!ntlmsspblob) { | ||
844 | cERROR(1, "Can't allocate NTLMSSP"); | ||
845 | rc = -ENOMEM; | ||
846 | goto ssetup_exit; | ||
847 | } | ||
848 | |||
849 | rc = build_ntlmssp_auth_blob(ntlmsspblob, | ||
850 | &blob_len, ses, nls_cp); | ||
851 | if (rc) | ||
852 | goto ssetup_exit; | ||
853 | iov[1].iov_len = blob_len; | ||
854 | iov[1].iov_base = ntlmsspblob; | ||
855 | pSMB->req.SecurityBlobLength = | ||
856 | cpu_to_le16(blob_len); | ||
857 | /* Make sure that we tell the server that we | ||
858 | are using the uid that it just gave us back | ||
859 | on the response (challenge) */ | ||
860 | smb_buf->Uid = ses->Suid; | ||
861 | } else { | ||
862 | cERROR(1, "invalid phase %d", phase); | ||
863 | rc = -ENOSYS; | ||
864 | goto ssetup_exit; | 845 | goto ssetup_exit; |
865 | } | 846 | iov[1].iov_len = blob_len; |
866 | /* unicode strings must be word aligned */ | 847 | iov[1].iov_base = ntlmsspblob; |
867 | if ((iov[0].iov_len + iov[1].iov_len) % 2) { | 848 | pSMB->req.SecurityBlobLength = cpu_to_le16(blob_len); |
868 | *bcc_ptr = 0; | 849 | /* |
869 | bcc_ptr++; | 850 | * Make sure that we tell the server that we are using |
870 | } | 851 | * the uid that it just gave us back on the response |
871 | unicode_oslm_strings(&bcc_ptr, nls_cp); | 852 | * (challenge) |
872 | } else { | 853 | */ |
873 | cERROR(1, "secType %d not supported!", type); | 854 | smb_buf->Uid = ses->Suid; |
855 | break; | ||
856 | default: | ||
857 | cERROR(1, "invalid phase %d", phase); | ||
874 | rc = -ENOSYS; | 858 | rc = -ENOSYS; |
875 | goto ssetup_exit; | 859 | goto ssetup_exit; |
876 | } | 860 | } |
877 | #else | 861 | /* unicode strings must be word aligned */ |
862 | if ((iov[0].iov_len + iov[1].iov_len) % 2) { | ||
863 | *bcc_ptr = 0; | ||
864 | bcc_ptr++; | ||
865 | } | ||
866 | unicode_oslm_strings(&bcc_ptr, nls_cp); | ||
867 | } else { | ||
878 | cERROR(1, "secType %d not supported!", type); | 868 | cERROR(1, "secType %d not supported!", type); |
879 | rc = -ENOSYS; | 869 | rc = -ENOSYS; |
880 | goto ssetup_exit; | 870 | goto ssetup_exit; |
881 | #endif | ||
882 | } | 871 | } |
883 | 872 | ||
884 | iov[2].iov_base = str_area; | 873 | iov[2].iov_base = str_area; |