diff options
author | Jeff Layton <jlayton@redhat.com> | 2008-12-05 20:41:21 -0500 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2008-12-25 21:29:11 -0500 |
commit | 4e53a3fb98d3d5c2941d2e7199dab317a9d4ead3 (patch) | |
tree | c3485a826f33e4b6f18b603a475a1bfef7bb7986 | |
parent | 55162dec9371a6f6ac63ff546c182cc6144a649e (diff) |
cifs: have calc_lanman_hash take more granular args
cifs: have calc_lanman_hash take more granular args
We need to use this routine to encrypt passwords associated with the
tcon too. Don't assume that the password will be attached to the
smb_session.
Also, make some of the values in the lower encryption functions
const since they aren't changed.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r-- | fs/cifs/cifsencrypt.c | 30 | ||||
-rw-r--r-- | fs/cifs/cifsencrypt.h | 3 | ||||
-rw-r--r-- | fs/cifs/cifsproto.h | 3 | ||||
-rw-r--r-- | fs/cifs/connect.c | 5 | ||||
-rw-r--r-- | fs/cifs/sess.c | 5 | ||||
-rw-r--r-- | fs/cifs/smbdes.c | 5 | ||||
-rw-r--r-- | fs/cifs/smbencrypt.c | 9 |
7 files changed, 34 insertions, 26 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index bd5f13d38450..d4839cf0cb2c 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c | |||
@@ -37,7 +37,7 @@ | |||
37 | 37 | ||
38 | extern void mdfour(unsigned char *out, unsigned char *in, int n); | 38 | extern void mdfour(unsigned char *out, unsigned char *in, int n); |
39 | extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); | 39 | extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); |
40 | extern void SMBencrypt(unsigned char *passwd, unsigned char *c8, | 40 | extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8, |
41 | unsigned char *p24); | 41 | unsigned char *p24); |
42 | 42 | ||
43 | static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, | 43 | static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, |
@@ -280,25 +280,22 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo *ses, | |||
280 | } | 280 | } |
281 | 281 | ||
282 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 282 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
283 | void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key) | 283 | void calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt, |
284 | char *lnm_session_key) | ||
284 | { | 285 | { |
285 | int i; | 286 | int i; |
286 | char password_with_pad[CIFS_ENCPWD_SIZE]; | 287 | char password_with_pad[CIFS_ENCPWD_SIZE]; |
287 | 288 | ||
288 | if (ses->server == NULL) | ||
289 | return; | ||
290 | |||
291 | memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); | 289 | memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); |
292 | if (ses->password) | 290 | if (password) |
293 | strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE); | 291 | strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE); |
294 | 292 | ||
295 | if ((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0) | 293 | if (!encrypt && extended_security & CIFSSEC_MAY_PLNTXT) { |
296 | if (extended_security & CIFSSEC_MAY_PLNTXT) { | 294 | memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE); |
297 | memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE); | 295 | memcpy(lnm_session_key, password_with_pad, |
298 | memcpy(lnm_session_key, password_with_pad, | 296 | CIFS_ENCPWD_SIZE); |
299 | CIFS_ENCPWD_SIZE); | 297 | return; |
300 | return; | 298 | } |
301 | } | ||
302 | 299 | ||
303 | /* calculate old style session key */ | 300 | /* calculate old style session key */ |
304 | /* calling toupper is less broken than repeatedly | 301 | /* calling toupper is less broken than repeatedly |
@@ -314,7 +311,8 @@ void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key) | |||
314 | for (i = 0; i < CIFS_ENCPWD_SIZE; i++) | 311 | for (i = 0; i < CIFS_ENCPWD_SIZE; i++) |
315 | password_with_pad[i] = toupper(password_with_pad[i]); | 312 | password_with_pad[i] = toupper(password_with_pad[i]); |
316 | 313 | ||
317 | SMBencrypt(password_with_pad, ses->server->cryptKey, lnm_session_key); | 314 | SMBencrypt(password_with_pad, cryptkey, lnm_session_key); |
315 | |||
318 | /* clear password before we return/free memory */ | 316 | /* clear password before we return/free memory */ |
319 | memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); | 317 | memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); |
320 | } | 318 | } |
diff --git a/fs/cifs/cifsencrypt.h b/fs/cifs/cifsencrypt.h index 152fa2dcfc6c..15d2ec006474 100644 --- a/fs/cifs/cifsencrypt.h +++ b/fs/cifs/cifsencrypt.h | |||
@@ -26,7 +26,8 @@ | |||
26 | extern void mdfour(unsigned char *out, unsigned char *in, int n); | 26 | extern void mdfour(unsigned char *out, unsigned char *in, int n); |
27 | /* smbdes.c */ | 27 | /* smbdes.c */ |
28 | extern void E_P16(unsigned char *p14, unsigned char *p16); | 28 | extern void E_P16(unsigned char *p14, unsigned char *p16); |
29 | extern void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24); | 29 | extern void E_P24(unsigned char *p21, const unsigned char *c8, |
30 | unsigned char *p24); | ||
30 | 31 | ||
31 | 32 | ||
32 | 33 | ||
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 6f21ecb85ce5..f48616536078 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h | |||
@@ -330,7 +330,8 @@ extern void CalcNTLMv2_response(const struct cifsSesInfo *, char *); | |||
330 | extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *, | 330 | extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *, |
331 | const struct nls_table *); | 331 | const struct nls_table *); |
332 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 332 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
333 | extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key); | 333 | extern void calc_lanman_hash(const char *password, const char *cryptkey, |
334 | bool encrypt, char *lnm_session_key); | ||
334 | #endif /* CIFS_WEAK_PW_HASH */ | 335 | #endif /* CIFS_WEAK_PW_HASH */ |
335 | extern int CIFSSMBCopy(int xid, | 336 | extern int CIFSSMBCopy(int xid, |
336 | struct cifsTconInfo *source_tcon, | 337 | struct cifsTconInfo *source_tcon, |
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 6107ee42b093..3a84a375cb6f 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
@@ -3533,7 +3533,10 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, | |||
3533 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 3533 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
3534 | if ((extended_security & CIFSSEC_MAY_LANMAN) && | 3534 | if ((extended_security & CIFSSEC_MAY_LANMAN) && |
3535 | (ses->server->secType == LANMAN)) | 3535 | (ses->server->secType == LANMAN)) |
3536 | calc_lanman_hash(ses, bcc_ptr); | 3536 | calc_lanman_hash(ses->password, ses->server->cryptKey, |
3537 | ses->server->secMode & | ||
3538 | SECMODE_PW_ENCRYPT ? true : false, | ||
3539 | bcc_ptr); | ||
3537 | else | 3540 | else |
3538 | #endif /* CIFS_WEAK_PW_HASH */ | 3541 | #endif /* CIFS_WEAK_PW_HASH */ |
3539 | SMBNTencrypt(ses->password, | 3542 | SMBNTencrypt(ses->password, |
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 2851d5da0c8c..5f22de7b79a9 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c | |||
@@ -417,7 +417,10 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, | |||
417 | /* BB calculate hash with password */ | 417 | /* BB calculate hash with password */ |
418 | /* and copy into bcc */ | 418 | /* and copy into bcc */ |
419 | 419 | ||
420 | calc_lanman_hash(ses, lnm_session_key); | 420 | calc_lanman_hash(ses->password, ses->server->cryptKey, |
421 | ses->server->secMode & SECMODE_PW_ENCRYPT ? | ||
422 | true : false, lnm_session_key); | ||
423 | |||
421 | ses->flags |= CIFS_SES_LANMAN; | 424 | ses->flags |= CIFS_SES_LANMAN; |
422 | memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_SESS_KEY_SIZE); | 425 | memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_SESS_KEY_SIZE); |
423 | bcc_ptr += CIFS_SESS_KEY_SIZE; | 426 | bcc_ptr += CIFS_SESS_KEY_SIZE; |
diff --git a/fs/cifs/smbdes.c b/fs/cifs/smbdes.c index 04943c976f98..224a1f478966 100644 --- a/fs/cifs/smbdes.c +++ b/fs/cifs/smbdes.c | |||
@@ -318,7 +318,8 @@ str_to_key(unsigned char *str, unsigned char *key) | |||
318 | } | 318 | } |
319 | 319 | ||
320 | static void | 320 | static void |
321 | smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) | 321 | smbhash(unsigned char *out, const unsigned char *in, unsigned char *key, |
322 | int forw) | ||
322 | { | 323 | { |
323 | int i; | 324 | int i; |
324 | char *outb; /* outb[64] */ | 325 | char *outb; /* outb[64] */ |
@@ -363,7 +364,7 @@ E_P16(unsigned char *p14, unsigned char *p16) | |||
363 | } | 364 | } |
364 | 365 | ||
365 | void | 366 | void |
366 | E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) | 367 | E_P24(unsigned char *p21, const unsigned char *c8, unsigned char *p24) |
367 | { | 368 | { |
368 | smbhash(p24, c8, p21, 1); | 369 | smbhash(p24, c8, p21, 1); |
369 | smbhash(p24 + 8, c8, p21 + 7, 1); | 370 | smbhash(p24 + 8, c8, p21 + 7, 1); |
diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c index ff3232fa1015..93fb09a99c69 100644 --- a/fs/cifs/smbencrypt.c +++ b/fs/cifs/smbencrypt.c | |||
@@ -49,9 +49,10 @@ | |||
49 | 49 | ||
50 | /*The following definitions come from libsmb/smbencrypt.c */ | 50 | /*The following definitions come from libsmb/smbencrypt.c */ |
51 | 51 | ||
52 | void SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); | 52 | void SMBencrypt(unsigned char *passwd, const unsigned char *c8, |
53 | unsigned char *p24); | ||
53 | void E_md4hash(const unsigned char *passwd, unsigned char *p16); | 54 | void E_md4hash(const unsigned char *passwd, unsigned char *p16); |
54 | static void SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8, | 55 | static void SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8, |
55 | unsigned char p24[24]); | 56 | unsigned char p24[24]); |
56 | void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); | 57 | void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); |
57 | 58 | ||
@@ -61,7 +62,7 @@ void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); | |||
61 | encrypted password into p24 */ | 62 | encrypted password into p24 */ |
62 | /* Note that password must be uppercased and null terminated */ | 63 | /* Note that password must be uppercased and null terminated */ |
63 | void | 64 | void |
64 | SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24) | 65 | SMBencrypt(unsigned char *passwd, const unsigned char *c8, unsigned char *p24) |
65 | { | 66 | { |
66 | unsigned char p14[15], p21[21]; | 67 | unsigned char p14[15], p21[21]; |
67 | 68 | ||
@@ -212,7 +213,7 @@ ntv2_owf_gen(const unsigned char owf[16], const char *user_n, | |||
212 | 213 | ||
213 | /* Does the des encryption from the NT or LM MD4 hash. */ | 214 | /* Does the des encryption from the NT or LM MD4 hash. */ |
214 | static void | 215 | static void |
215 | SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8, | 216 | SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8, |
216 | unsigned char p24[24]) | 217 | unsigned char p24[24]) |
217 | { | 218 | { |
218 | unsigned char p21[21]; | 219 | unsigned char p21[21]; |