aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2008-12-05 20:41:21 -0500
committerSteve French <sfrench@us.ibm.com>2008-12-25 21:29:11 -0500
commit4e53a3fb98d3d5c2941d2e7199dab317a9d4ead3 (patch)
treec3485a826f33e4b6f18b603a475a1bfef7bb7986
parent55162dec9371a6f6ac63ff546c182cc6144a649e (diff)
cifs: have calc_lanman_hash take more granular args
cifs: have calc_lanman_hash take more granular args We need to use this routine to encrypt passwords associated with the tcon too. Don't assume that the password will be attached to the smb_session. Also, make some of the values in the lower encryption functions const since they aren't changed. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r--fs/cifs/cifsencrypt.c30
-rw-r--r--fs/cifs/cifsencrypt.h3
-rw-r--r--fs/cifs/cifsproto.h3
-rw-r--r--fs/cifs/connect.c5
-rw-r--r--fs/cifs/sess.c5
-rw-r--r--fs/cifs/smbdes.c5
-rw-r--r--fs/cifs/smbencrypt.c9
7 files changed, 34 insertions, 26 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index bd5f13d38450..d4839cf0cb2c 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -37,7 +37,7 @@
37 37
38extern void mdfour(unsigned char *out, unsigned char *in, int n); 38extern void mdfour(unsigned char *out, unsigned char *in, int n);
39extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); 39extern void E_md4hash(const unsigned char *passwd, unsigned char *p16);
40extern void SMBencrypt(unsigned char *passwd, unsigned char *c8, 40extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8,
41 unsigned char *p24); 41 unsigned char *p24);
42 42
43static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, 43static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu,
@@ -280,25 +280,22 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo *ses,
280} 280}
281 281
282#ifdef CONFIG_CIFS_WEAK_PW_HASH 282#ifdef CONFIG_CIFS_WEAK_PW_HASH
283void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key) 283void calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
284 char *lnm_session_key)
284{ 285{
285 int i; 286 int i;
286 char password_with_pad[CIFS_ENCPWD_SIZE]; 287 char password_with_pad[CIFS_ENCPWD_SIZE];
287 288
288 if (ses->server == NULL)
289 return;
290
291 memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); 289 memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
292 if (ses->password) 290 if (password)
293 strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE); 291 strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
294 292
295 if ((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0) 293 if (!encrypt && extended_security & CIFSSEC_MAY_PLNTXT) {
296 if (extended_security & CIFSSEC_MAY_PLNTXT) { 294 memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE);
297 memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE); 295 memcpy(lnm_session_key, password_with_pad,
298 memcpy(lnm_session_key, password_with_pad, 296 CIFS_ENCPWD_SIZE);
299 CIFS_ENCPWD_SIZE); 297 return;
300 return; 298 }
301 }
302 299
303 /* calculate old style session key */ 300 /* calculate old style session key */
304 /* calling toupper is less broken than repeatedly 301 /* calling toupper is less broken than repeatedly
@@ -314,7 +311,8 @@ void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key)
314 for (i = 0; i < CIFS_ENCPWD_SIZE; i++) 311 for (i = 0; i < CIFS_ENCPWD_SIZE; i++)
315 password_with_pad[i] = toupper(password_with_pad[i]); 312 password_with_pad[i] = toupper(password_with_pad[i]);
316 313
317 SMBencrypt(password_with_pad, ses->server->cryptKey, lnm_session_key); 314 SMBencrypt(password_with_pad, cryptkey, lnm_session_key);
315
318 /* clear password before we return/free memory */ 316 /* clear password before we return/free memory */
319 memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); 317 memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
320} 318}
diff --git a/fs/cifs/cifsencrypt.h b/fs/cifs/cifsencrypt.h
index 152fa2dcfc6c..15d2ec006474 100644
--- a/fs/cifs/cifsencrypt.h
+++ b/fs/cifs/cifsencrypt.h
@@ -26,7 +26,8 @@
26extern void mdfour(unsigned char *out, unsigned char *in, int n); 26extern void mdfour(unsigned char *out, unsigned char *in, int n);
27/* smbdes.c */ 27/* smbdes.c */
28extern void E_P16(unsigned char *p14, unsigned char *p16); 28extern void E_P16(unsigned char *p14, unsigned char *p16);
29extern void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24); 29extern void E_P24(unsigned char *p21, const unsigned char *c8,
30 unsigned char *p24);
30 31
31 32
32 33
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h
index 6f21ecb85ce5..f48616536078 100644
--- a/fs/cifs/cifsproto.h
+++ b/fs/cifs/cifsproto.h
@@ -330,7 +330,8 @@ extern void CalcNTLMv2_response(const struct cifsSesInfo *, char *);
330extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *, 330extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *,
331 const struct nls_table *); 331 const struct nls_table *);
332#ifdef CONFIG_CIFS_WEAK_PW_HASH 332#ifdef CONFIG_CIFS_WEAK_PW_HASH
333extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key); 333extern void calc_lanman_hash(const char *password, const char *cryptkey,
334 bool encrypt, char *lnm_session_key);
334#endif /* CIFS_WEAK_PW_HASH */ 335#endif /* CIFS_WEAK_PW_HASH */
335extern int CIFSSMBCopy(int xid, 336extern int CIFSSMBCopy(int xid,
336 struct cifsTconInfo *source_tcon, 337 struct cifsTconInfo *source_tcon,
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 6107ee42b093..3a84a375cb6f 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -3533,7 +3533,10 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3533#ifdef CONFIG_CIFS_WEAK_PW_HASH 3533#ifdef CONFIG_CIFS_WEAK_PW_HASH
3534 if ((extended_security & CIFSSEC_MAY_LANMAN) && 3534 if ((extended_security & CIFSSEC_MAY_LANMAN) &&
3535 (ses->server->secType == LANMAN)) 3535 (ses->server->secType == LANMAN))
3536 calc_lanman_hash(ses, bcc_ptr); 3536 calc_lanman_hash(ses->password, ses->server->cryptKey,
3537 ses->server->secMode &
3538 SECMODE_PW_ENCRYPT ? true : false,
3539 bcc_ptr);
3537 else 3540 else
3538#endif /* CIFS_WEAK_PW_HASH */ 3541#endif /* CIFS_WEAK_PW_HASH */
3539 SMBNTencrypt(ses->password, 3542 SMBNTencrypt(ses->password,
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 2851d5da0c8c..5f22de7b79a9 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -417,7 +417,10 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
417 /* BB calculate hash with password */ 417 /* BB calculate hash with password */
418 /* and copy into bcc */ 418 /* and copy into bcc */
419 419
420 calc_lanman_hash(ses, lnm_session_key); 420 calc_lanman_hash(ses->password, ses->server->cryptKey,
421 ses->server->secMode & SECMODE_PW_ENCRYPT ?
422 true : false, lnm_session_key);
423
421 ses->flags |= CIFS_SES_LANMAN; 424 ses->flags |= CIFS_SES_LANMAN;
422 memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_SESS_KEY_SIZE); 425 memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_SESS_KEY_SIZE);
423 bcc_ptr += CIFS_SESS_KEY_SIZE; 426 bcc_ptr += CIFS_SESS_KEY_SIZE;
diff --git a/fs/cifs/smbdes.c b/fs/cifs/smbdes.c
index 04943c976f98..224a1f478966 100644
--- a/fs/cifs/smbdes.c
+++ b/fs/cifs/smbdes.c
@@ -318,7 +318,8 @@ str_to_key(unsigned char *str, unsigned char *key)
318} 318}
319 319
320static void 320static void
321smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) 321smbhash(unsigned char *out, const unsigned char *in, unsigned char *key,
322 int forw)
322{ 323{
323 int i; 324 int i;
324 char *outb; /* outb[64] */ 325 char *outb; /* outb[64] */
@@ -363,7 +364,7 @@ E_P16(unsigned char *p14, unsigned char *p16)
363} 364}
364 365
365void 366void
366E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) 367E_P24(unsigned char *p21, const unsigned char *c8, unsigned char *p24)
367{ 368{
368 smbhash(p24, c8, p21, 1); 369 smbhash(p24, c8, p21, 1);
369 smbhash(p24 + 8, c8, p21 + 7, 1); 370 smbhash(p24 + 8, c8, p21 + 7, 1);
diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
index ff3232fa1015..93fb09a99c69 100644
--- a/fs/cifs/smbencrypt.c
+++ b/fs/cifs/smbencrypt.c
@@ -49,9 +49,10 @@
49 49
50/*The following definitions come from libsmb/smbencrypt.c */ 50/*The following definitions come from libsmb/smbencrypt.c */
51 51
52void SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); 52void SMBencrypt(unsigned char *passwd, const unsigned char *c8,
53 unsigned char *p24);
53void E_md4hash(const unsigned char *passwd, unsigned char *p16); 54void E_md4hash(const unsigned char *passwd, unsigned char *p16);
54static void SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8, 55static void SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8,
55 unsigned char p24[24]); 56 unsigned char p24[24]);
56void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); 57void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);
57 58
@@ -61,7 +62,7 @@ void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);
61 encrypted password into p24 */ 62 encrypted password into p24 */
62/* Note that password must be uppercased and null terminated */ 63/* Note that password must be uppercased and null terminated */
63void 64void
64SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24) 65SMBencrypt(unsigned char *passwd, const unsigned char *c8, unsigned char *p24)
65{ 66{
66 unsigned char p14[15], p21[21]; 67 unsigned char p14[15], p21[21];
67 68
@@ -212,7 +213,7 @@ ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
212 213
213/* Does the des encryption from the NT or LM MD4 hash. */ 214/* Does the des encryption from the NT or LM MD4 hash. */
214static void 215static void
215SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8, 216SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8,
216 unsigned char p24[24]) 217 unsigned char p24[24])
217{ 218{
218 unsigned char p21[21]; 219 unsigned char p21[21];