diff options
author | Jeff Layton <jlayton@redhat.com> | 2008-12-05 20:41:21 -0500 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2008-12-25 21:29:11 -0500 |
commit | 00e485b0198ea4f509341373f1d9adb0a5977a2f (patch) | |
tree | 2f8a50be11f0551fe8ad2af33a00577621398027 | |
parent | 4e53a3fb98d3d5c2941d2e7199dab317a9d4ead3 (diff) |
cifs: store password in tcon
cifs: store password in tcon
Each tcon has its own password for share-level security. Store it in
the tcon and wipe it clean and free it when freeing the tcon. When
doing the tree connect with share-level security, use the tcon password
instead of the session password.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r-- | fs/cifs/cifsglob.h | 1 | ||||
-rw-r--r-- | fs/cifs/connect.c | 25 | ||||
-rw-r--r-- | fs/cifs/misc.c | 4 |
3 files changed, 23 insertions, 7 deletions
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 0fb934d3623b..94c1ca0ec953 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h | |||
@@ -242,6 +242,7 @@ struct cifsTconInfo { | |||
242 | struct cifsSesInfo *ses; /* pointer to session associated with */ | 242 | struct cifsSesInfo *ses; /* pointer to session associated with */ |
243 | char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource in ASCII */ | 243 | char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource in ASCII */ |
244 | char *nativeFileSystem; | 244 | char *nativeFileSystem; |
245 | char *password; /* for share-level security */ | ||
245 | __u16 tid; /* The 2 byte tree id */ | 246 | __u16 tid; /* The 2 byte tree id */ |
246 | __u16 Flags; /* optional support bits */ | 247 | __u16 Flags; /* optional support bits */ |
247 | enum statusEnum tidStatus; | 248 | enum statusEnum tidStatus; |
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 3a84a375cb6f..3caadf12d76d 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
@@ -2282,9 +2282,12 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, | |||
2282 | 2282 | ||
2283 | /* volume_info->password freed at unmount */ | 2283 | /* volume_info->password freed at unmount */ |
2284 | if (volume_info->password) { | 2284 | if (volume_info->password) { |
2285 | pSesInfo->password = volume_info->password; | 2285 | pSesInfo->password = kstrdup(volume_info->password, |
2286 | /* set to NULL to prevent freeing on exit */ | 2286 | GFP_KERNEL); |
2287 | volume_info->password = NULL; | 2287 | if (!pSesInfo->password) { |
2288 | rc = -ENOMEM; | ||
2289 | goto mount_fail_check; | ||
2290 | } | ||
2288 | } | 2291 | } |
2289 | if (volume_info->username) | 2292 | if (volume_info->username) |
2290 | strncpy(pSesInfo->userName, volume_info->username, | 2293 | strncpy(pSesInfo->userName, volume_info->username, |
@@ -2324,7 +2327,16 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, | |||
2324 | rc = -ENOMEM; | 2327 | rc = -ENOMEM; |
2325 | goto mount_fail_check; | 2328 | goto mount_fail_check; |
2326 | } | 2329 | } |
2330 | |||
2327 | tcon->ses = pSesInfo; | 2331 | tcon->ses = pSesInfo; |
2332 | if (volume_info->password) { | ||
2333 | tcon->password = kstrdup(volume_info->password, | ||
2334 | GFP_KERNEL); | ||
2335 | if (!tcon->password) { | ||
2336 | rc = -ENOMEM; | ||
2337 | goto mount_fail_check; | ||
2338 | } | ||
2339 | } | ||
2328 | 2340 | ||
2329 | /* check for null share name ie connect to dfs root */ | 2341 | /* check for null share name ie connect to dfs root */ |
2330 | if ((strchr(volume_info->UNC + 3, '\\') == NULL) | 2342 | if ((strchr(volume_info->UNC + 3, '\\') == NULL) |
@@ -3532,15 +3544,14 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, | |||
3532 | NTLMv2 password here) */ | 3544 | NTLMv2 password here) */ |
3533 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 3545 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
3534 | if ((extended_security & CIFSSEC_MAY_LANMAN) && | 3546 | if ((extended_security & CIFSSEC_MAY_LANMAN) && |
3535 | (ses->server->secType == LANMAN)) | 3547 | (ses->server->secType == LANMAN)) |
3536 | calc_lanman_hash(ses->password, ses->server->cryptKey, | 3548 | calc_lanman_hash(tcon->password, ses->server->cryptKey, |
3537 | ses->server->secMode & | 3549 | ses->server->secMode & |
3538 | SECMODE_PW_ENCRYPT ? true : false, | 3550 | SECMODE_PW_ENCRYPT ? true : false, |
3539 | bcc_ptr); | 3551 | bcc_ptr); |
3540 | else | 3552 | else |
3541 | #endif /* CIFS_WEAK_PW_HASH */ | 3553 | #endif /* CIFS_WEAK_PW_HASH */ |
3542 | SMBNTencrypt(ses->password, | 3554 | SMBNTencrypt(tcon->password, ses->server->cryptKey, |
3543 | ses->server->cryptKey, | ||
3544 | bcc_ptr); | 3555 | bcc_ptr); |
3545 | 3556 | ||
3546 | bcc_ptr += CIFS_SESS_KEY_SIZE; | 3557 | bcc_ptr += CIFS_SESS_KEY_SIZE; |
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c index 7c3f4b9230d7..a0513605d7e3 100644 --- a/fs/cifs/misc.c +++ b/fs/cifs/misc.c | |||
@@ -132,6 +132,10 @@ tconInfoFree(struct cifsTconInfo *buf_to_free) | |||
132 | } | 132 | } |
133 | atomic_dec(&tconInfoAllocCount); | 133 | atomic_dec(&tconInfoAllocCount); |
134 | kfree(buf_to_free->nativeFileSystem); | 134 | kfree(buf_to_free->nativeFileSystem); |
135 | if (buf_to_free->password) { | ||
136 | memset(buf_to_free->password, 0, strlen(buf_to_free->password)); | ||
137 | kfree(buf_to_free->password); | ||
138 | } | ||
135 | kfree(buf_to_free); | 139 | kfree(buf_to_free); |
136 | } | 140 | } |
137 | 141 | ||