aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSteve French <sfrench@us.ibm.com>2009-05-01 00:37:43 -0400
committerSteve French <sfrench@us.ibm.com>2009-05-01 00:37:43 -0400
commite14b2fe1e64d3e4bd2f328ff9d1969f318f55954 (patch)
treed1157ece05e36215b09699048c17bfbfeb2ec001
parentcf398e3a117b2b63da724c2365d53ce31bd7240a (diff)
[CIFS] Add remaining ntlmssp flags and standardize field names
Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r--fs/cifs/connect.c30
-rw-r--r--fs/cifs/ntlmssp.h68
2 files changed, 57 insertions, 41 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 9d2ebab53db7..5bce2778163b 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2686,13 +2686,13 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2686 /* setup pointers to domain name and workstation name */ 2686 /* setup pointers to domain name and workstation name */
2687 bcc_ptr += SecurityBlobLength; 2687 bcc_ptr += SecurityBlobLength;
2688 2688
2689 SecurityBlob->WorkstationName.Buffer = 0; 2689 SecurityBlob->WorkstationName.BufferOffset = 0;
2690 SecurityBlob->WorkstationName.Length = 0; 2690 SecurityBlob->WorkstationName.Length = 0;
2691 SecurityBlob->WorkstationName.MaximumLength = 0; 2691 SecurityBlob->WorkstationName.MaximumLength = 0;
2692 2692
2693 /* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent 2693 /* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent
2694 along with username on auth request (ie the response to challenge) */ 2694 along with username on auth request (ie the response to challenge) */
2695 SecurityBlob->DomainName.Buffer = 0; 2695 SecurityBlob->DomainName.BufferOffset = 0;
2696 SecurityBlob->DomainName.Length = 0; 2696 SecurityBlob->DomainName.Length = 0;
2697 SecurityBlob->DomainName.MaximumLength = 0; 2697 SecurityBlob->DomainName.MaximumLength = 0;
2698 if (ses->capabilities & CAP_UNICODE) { 2698 if (ses->capabilities & CAP_UNICODE) {
@@ -3020,30 +3020,30 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3020 3020
3021/* setup pointers to domain name and workstation name */ 3021/* setup pointers to domain name and workstation name */
3022 3022
3023 SecurityBlob->WorkstationName.Buffer = 0; 3023 SecurityBlob->WorkstationName.BufferOffset = 0;
3024 SecurityBlob->WorkstationName.Length = 0; 3024 SecurityBlob->WorkstationName.Length = 0;
3025 SecurityBlob->WorkstationName.MaximumLength = 0; 3025 SecurityBlob->WorkstationName.MaximumLength = 0;
3026 SecurityBlob->SessionKey.Length = 0; 3026 SecurityBlob->SessionKey.Length = 0;
3027 SecurityBlob->SessionKey.MaximumLength = 0; 3027 SecurityBlob->SessionKey.MaximumLength = 0;
3028 SecurityBlob->SessionKey.Buffer = 0; 3028 SecurityBlob->SessionKey.BufferOffset = 0;
3029 3029
3030 SecurityBlob->LmChallengeResponse.Length = 0; 3030 SecurityBlob->LmChallengeResponse.Length = 0;
3031 SecurityBlob->LmChallengeResponse.MaximumLength = 0; 3031 SecurityBlob->LmChallengeResponse.MaximumLength = 0;
3032 SecurityBlob->LmChallengeResponse.Buffer = 0; 3032 SecurityBlob->LmChallengeResponse.BufferOffset = 0;
3033 3033
3034 SecurityBlob->NtChallengeResponse.Length = 3034 SecurityBlob->NtChallengeResponse.Length =
3035 cpu_to_le16(CIFS_SESS_KEY_SIZE); 3035 cpu_to_le16(CIFS_SESS_KEY_SIZE);
3036 SecurityBlob->NtChallengeResponse.MaximumLength = 3036 SecurityBlob->NtChallengeResponse.MaximumLength =
3037 cpu_to_le16(CIFS_SESS_KEY_SIZE); 3037 cpu_to_le16(CIFS_SESS_KEY_SIZE);
3038 memcpy(bcc_ptr, ntlm_session_key, CIFS_SESS_KEY_SIZE); 3038 memcpy(bcc_ptr, ntlm_session_key, CIFS_SESS_KEY_SIZE);
3039 SecurityBlob->NtChallengeResponse.Buffer = 3039 SecurityBlob->NtChallengeResponse.BufferOffset =
3040 cpu_to_le32(SecurityBlobLength); 3040 cpu_to_le32(SecurityBlobLength);
3041 SecurityBlobLength += CIFS_SESS_KEY_SIZE; 3041 SecurityBlobLength += CIFS_SESS_KEY_SIZE;
3042 bcc_ptr += CIFS_SESS_KEY_SIZE; 3042 bcc_ptr += CIFS_SESS_KEY_SIZE;
3043 3043
3044 if (ses->capabilities & CAP_UNICODE) { 3044 if (ses->capabilities & CAP_UNICODE) {
3045 if (domain == NULL) { 3045 if (domain == NULL) {
3046 SecurityBlob->DomainName.Buffer = 0; 3046 SecurityBlob->DomainName.BufferOffset = 0;
3047 SecurityBlob->DomainName.Length = 0; 3047 SecurityBlob->DomainName.Length = 0;
3048 SecurityBlob->DomainName.MaximumLength = 0; 3048 SecurityBlob->DomainName.MaximumLength = 0;
3049 } else { 3049 } else {
@@ -3052,14 +3052,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3052 ln *= 2; 3052 ln *= 2;
3053 SecurityBlob->DomainName.MaximumLength = 3053 SecurityBlob->DomainName.MaximumLength =
3054 cpu_to_le16(ln); 3054 cpu_to_le16(ln);
3055 SecurityBlob->DomainName.Buffer = 3055 SecurityBlob->DomainName.BufferOffset =
3056 cpu_to_le32(SecurityBlobLength); 3056 cpu_to_le32(SecurityBlobLength);
3057 bcc_ptr += ln; 3057 bcc_ptr += ln;
3058 SecurityBlobLength += ln; 3058 SecurityBlobLength += ln;
3059 SecurityBlob->DomainName.Length = cpu_to_le16(ln); 3059 SecurityBlob->DomainName.Length = cpu_to_le16(ln);
3060 } 3060 }
3061 if (user == NULL) { 3061 if (user == NULL) {
3062 SecurityBlob->UserName.Buffer = 0; 3062 SecurityBlob->UserName.BufferOffset = 0;
3063 SecurityBlob->UserName.Length = 0; 3063 SecurityBlob->UserName.Length = 0;
3064 SecurityBlob->UserName.MaximumLength = 0; 3064 SecurityBlob->UserName.MaximumLength = 0;
3065 } else { 3065 } else {
@@ -3068,7 +3068,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3068 ln *= 2; 3068 ln *= 2;
3069 SecurityBlob->UserName.MaximumLength = 3069 SecurityBlob->UserName.MaximumLength =
3070 cpu_to_le16(ln); 3070 cpu_to_le16(ln);
3071 SecurityBlob->UserName.Buffer = 3071 SecurityBlob->UserName.BufferOffset =
3072 cpu_to_le32(SecurityBlobLength); 3072 cpu_to_le32(SecurityBlobLength);
3073 bcc_ptr += ln; 3073 bcc_ptr += ln;
3074 SecurityBlobLength += ln; 3074 SecurityBlobLength += ln;
@@ -3080,7 +3080,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3080 SecurityBlob->WorkstationName.Length *= 2; 3080 SecurityBlob->WorkstationName.Length *= 2;
3081 SecurityBlob->WorkstationName.MaximumLength = 3081 SecurityBlob->WorkstationName.MaximumLength =
3082 cpu_to_le16(SecurityBlob->WorkstationName.Length); 3082 cpu_to_le16(SecurityBlob->WorkstationName.Length);
3083 SecurityBlob->WorkstationName.Buffer = 3083 SecurityBlob->WorkstationName.BufferOffset =
3084 cpu_to_le32(SecurityBlobLength); 3084 cpu_to_le32(SecurityBlobLength);
3085 bcc_ptr += SecurityBlob->WorkstationName.Length; 3085 bcc_ptr += SecurityBlob->WorkstationName.Length;
3086 SecurityBlobLength += SecurityBlob->WorkstationName.Length; 3086 SecurityBlobLength += SecurityBlob->WorkstationName.Length;
@@ -3112,7 +3112,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3112 bcc_ptr += 2; /* null domain */ 3112 bcc_ptr += 2; /* null domain */
3113 } else { /* ASCII */ 3113 } else { /* ASCII */
3114 if (domain == NULL) { 3114 if (domain == NULL) {
3115 SecurityBlob->DomainName.Buffer = 0; 3115 SecurityBlob->DomainName.BufferOffset = 0;
3116 SecurityBlob->DomainName.Length = 0; 3116 SecurityBlob->DomainName.Length = 0;
3117 SecurityBlob->DomainName.MaximumLength = 0; 3117 SecurityBlob->DomainName.MaximumLength = 0;
3118 } else { 3118 } else {
@@ -3122,14 +3122,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3122 ln = strnlen(domain, 64); 3122 ln = strnlen(domain, 64);
3123 SecurityBlob->DomainName.MaximumLength = 3123 SecurityBlob->DomainName.MaximumLength =
3124 cpu_to_le16(ln); 3124 cpu_to_le16(ln);
3125 SecurityBlob->DomainName.Buffer = 3125 SecurityBlob->DomainName.BufferOffset =
3126 cpu_to_le32(SecurityBlobLength); 3126 cpu_to_le32(SecurityBlobLength);
3127 bcc_ptr += ln; 3127 bcc_ptr += ln;
3128 SecurityBlobLength += ln; 3128 SecurityBlobLength += ln;
3129 SecurityBlob->DomainName.Length = cpu_to_le16(ln); 3129 SecurityBlob->DomainName.Length = cpu_to_le16(ln);
3130 } 3130 }
3131 if (user == NULL) { 3131 if (user == NULL) {
3132 SecurityBlob->UserName.Buffer = 0; 3132 SecurityBlob->UserName.BufferOffset = 0;
3133 SecurityBlob->UserName.Length = 0; 3133 SecurityBlob->UserName.Length = 0;
3134 SecurityBlob->UserName.MaximumLength = 0; 3134 SecurityBlob->UserName.MaximumLength = 0;
3135 } else { 3135 } else {
@@ -3137,7 +3137,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
3137 strncpy(bcc_ptr, user, 63); 3137 strncpy(bcc_ptr, user, 63);
3138 ln = strnlen(user, 64); 3138 ln = strnlen(user, 64);
3139 SecurityBlob->UserName.MaximumLength = cpu_to_le16(ln); 3139 SecurityBlob->UserName.MaximumLength = cpu_to_le16(ln);
3140 SecurityBlob->UserName.Buffer = 3140 SecurityBlob->UserName.BufferOffset =
3141 cpu_to_le32(SecurityBlobLength); 3141 cpu_to_le32(SecurityBlobLength);
3142 bcc_ptr += ln; 3142 bcc_ptr += ln;
3143 SecurityBlobLength += ln; 3143 SecurityBlobLength += ln;
diff --git a/fs/cifs/ntlmssp.h b/fs/cifs/ntlmssp.h
index c377d8065d99..49c9a4e75319 100644
--- a/fs/cifs/ntlmssp.h
+++ b/fs/cifs/ntlmssp.h
@@ -27,29 +27,39 @@
27#define UnknownMessage cpu_to_le32(8) 27#define UnknownMessage cpu_to_le32(8)
28 28
29/* Negotiate Flags */ 29/* Negotiate Flags */
30#define NTLMSSP_NEGOTIATE_UNICODE 0x01 /* Text strings are in unicode */ 30#define NTLMSSP_NEGOTIATE_UNICODE 0x01 /* Text strings are unicode */
31#define NTLMSSP_NEGOTIATE_OEM 0x02 /* Text strings are in OEM */ 31#define NTLMSSP_NEGOTIATE_OEM 0x02 /* Text strings are in OEM */
32#define NTLMSSP_REQUEST_TARGET 0x04 /* Server return its auth realm */ 32#define NTLMSSP_REQUEST_TARGET 0x04 /* Srv returns its auth realm */
33#define NTLMSSP_NEGOTIATE_SIGN 0x0010 /* Request signature capability */ 33/* define reserved9 0x08 */
34#define NTLMSSP_NEGOTIATE_SEAL 0x0020 /* Request confidentiality */ 34#define NTLMSSP_NEGOTIATE_SIGN 0x0010 /* Request signing capability */
35#define NTLMSSP_NEGOTIATE_DGRAM 0x0040 35#define NTLMSSP_NEGOTIATE_SEAL 0x0020 /* Request confidentiality */
36#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080 /* Sign/seal use LM session key */ 36#define NTLMSSP_NEGOTIATE_DGRAM 0x0040
37#define NTLMSSP_NEGOTIATE_NTLM 0x0200 /* NTLM authentication */ 37#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080 /* Use LM session key */
38#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000 38/* defined reserved 8 0x0100 */
39#define NTLMSSP_NEGOTIATE_NTLM 0x0200 /* NTLM authentication */
40#define NTLMSSP_NEGOTIATE_NT_ONLY 0x0400 /* Lanman not allowed */
41#define NTLMSSP_ANONYMOUS 0x0800
42#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000 /* reserved6 */
39#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000 43#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000
40#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000 /* client/server on same machine */ 44#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000 /* client/server same machine */
41#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000 /* Sign for all security levels */ 45#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000 /* Sign. All security levels */
42#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000 46#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000
43#define NTLMSSP_TARGET_TYPE_SERVER 0x20000 47#define NTLMSSP_TARGET_TYPE_SERVER 0x20000
44#define NTLMSSP_TARGET_TYPE_SHARE 0x40000 48#define NTLMSSP_TARGET_TYPE_SHARE 0x40000
45#define NTLMSSP_NEGOTIATE_NTLMV2 0x80000 49#define NTLMSSP_NEGOTIATE_EXTENDED_SEC 0x80000 /* NB:not related to NTLMv2 pwd*/
46#define NTLMSSP_REQUEST_INIT_RESP 0x100000 50/* #define NTLMSSP_REQUEST_INIT_RESP 0x100000 */
47#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000 51#define NTLMSSP_NEGOTIATE_IDENTIFY 0x100000
48#define NTLMSSP_REQUEST_NOT_NT_KEY 0x400000 52#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000 /* reserved5 */
53#define NTLMSSP_REQUEST_NON_NT_KEY 0x400000
49#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000 54#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000
50#define NTLMSSP_NEGOTIATE_128 0x20000000 55/* #define reserved4 0x1000000 */
51#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000 56#define NTLMSSP_NEGOTIATE_VERSION 0x2000000 /* we do not set */
52#define NTLMSSP_NEGOTIATE_56 0x80000000 57/* #define reserved3 0x4000000 */
58/* #define reserved2 0x8000000 */
59/* #define reserved1 0x10000000 */
60#define NTLMSSP_NEGOTIATE_128 0x20000000
61#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000
62#define NTLMSSP_NEGOTIATE_56 0x80000000
53 63
54/* Although typedefs are not commonly used for structure definitions */ 64/* Although typedefs are not commonly used for structure definitions */
55/* in the Linux kernel, in this particular case they are useful */ 65/* in the Linux kernel, in this particular case they are useful */
@@ -60,32 +70,36 @@
60typedef struct _SECURITY_BUFFER { 70typedef struct _SECURITY_BUFFER {
61 __le16 Length; 71 __le16 Length;
62 __le16 MaximumLength; 72 __le16 MaximumLength;
63 __le32 Buffer; /* offset to buffer */ 73 __le32 BufferOffset; /* offset to buffer */
64} __attribute__((packed)) SECURITY_BUFFER; 74} __attribute__((packed)) SECURITY_BUFFER;
65 75
66typedef struct _NEGOTIATE_MESSAGE { 76typedef struct _NEGOTIATE_MESSAGE {
67 __u8 Signature[sizeof(NTLMSSP_SIGNATURE)]; 77 __u8 Signature[sizeof(NTLMSSP_SIGNATURE)];
68 __le32 MessageType; /* 1 */ 78 __le32 MessageType; /* NtLmNegotiate = 1 */
69 __le32 NegotiateFlags; 79 __le32 NegotiateFlags;
70 SECURITY_BUFFER DomainName; /* RFC 1001 style and ASCII */ 80 SECURITY_BUFFER DomainName; /* RFC 1001 style and ASCII */
71 SECURITY_BUFFER WorkstationName; /* RFC 1001 and ASCII */ 81 SECURITY_BUFFER WorkstationName; /* RFC 1001 and ASCII */
82 /* SECURITY_BUFFER for version info not present since we
83 do not set the version is present flag */
72 char DomainString[0]; 84 char DomainString[0];
73 /* followed by WorkstationString */ 85 /* followed by WorkstationString */
74} __attribute__((packed)) NEGOTIATE_MESSAGE, *PNEGOTIATE_MESSAGE; 86} __attribute__((packed)) NEGOTIATE_MESSAGE, *PNEGOTIATE_MESSAGE;
75 87
76typedef struct _CHALLENGE_MESSAGE { 88typedef struct _CHALLENGE_MESSAGE {
77 __u8 Signature[sizeof(NTLMSSP_SIGNATURE)]; 89 __u8 Signature[sizeof(NTLMSSP_SIGNATURE)];
78 __le32 MessageType; /* 2 */ 90 __le32 MessageType; /* NtLmChallenge = 2 */
79 SECURITY_BUFFER TargetName; 91 SECURITY_BUFFER TargetName;
80 __le32 NegotiateFlags; 92 __le32 NegotiateFlags;
81 __u8 Challenge[CIFS_CRYPTO_KEY_SIZE]; 93 __u8 Challenge[CIFS_CRYPTO_KEY_SIZE];
82 __u8 Reserved[8]; 94 __u8 Reserved[8];
83 SECURITY_BUFFER TargetInfoArray; 95 SECURITY_BUFFER TargetInfoArray;
96 /* SECURITY_BUFFER for version info not present since we
97 do not set the version is present flag */
84} __attribute__((packed)) CHALLENGE_MESSAGE, *PCHALLENGE_MESSAGE; 98} __attribute__((packed)) CHALLENGE_MESSAGE, *PCHALLENGE_MESSAGE;
85 99
86typedef struct _AUTHENTICATE_MESSAGE { 100typedef struct _AUTHENTICATE_MESSAGE {
87 __u8 Signature[sizeof (NTLMSSP_SIGNATURE)]; 101 __u8 Signature[sizeof(NTLMSSP_SIGNATURE)];
88 __le32 MessageType; /* 3 */ 102 __le32 MessageType; /* NtLmsAuthenticate = 3 */
89 SECURITY_BUFFER LmChallengeResponse; 103 SECURITY_BUFFER LmChallengeResponse;
90 SECURITY_BUFFER NtChallengeResponse; 104 SECURITY_BUFFER NtChallengeResponse;
91 SECURITY_BUFFER DomainName; 105 SECURITY_BUFFER DomainName;
@@ -93,5 +107,7 @@ typedef struct _AUTHENTICATE_MESSAGE {
93 SECURITY_BUFFER WorkstationName; 107 SECURITY_BUFFER WorkstationName;
94 SECURITY_BUFFER SessionKey; 108 SECURITY_BUFFER SessionKey;
95 __le32 NegotiateFlags; 109 __le32 NegotiateFlags;
110 /* SECURITY_BUFFER for version info not present since we
111 do not set the version is present flag */
96 char UserString[0]; 112 char UserString[0];
97} __attribute__((packed)) AUTHENTICATE_MESSAGE, *PAUTHENTICATE_MESSAGE; 113} __attribute__((packed)) AUTHENTICATE_MESSAGE, *PAUTHENTICATE_MESSAGE;