diff options
author | Steve French <sfrench@us.ibm.com> | 2009-05-01 00:37:43 -0400 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2009-05-01 00:37:43 -0400 |
commit | e14b2fe1e64d3e4bd2f328ff9d1969f318f55954 (patch) | |
tree | d1157ece05e36215b09699048c17bfbfeb2ec001 | |
parent | cf398e3a117b2b63da724c2365d53ce31bd7240a (diff) |
[CIFS] Add remaining ntlmssp flags and standardize field names
Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r-- | fs/cifs/connect.c | 30 | ||||
-rw-r--r-- | fs/cifs/ntlmssp.h | 68 |
2 files changed, 57 insertions, 41 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 9d2ebab53db7..5bce2778163b 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
@@ -2686,13 +2686,13 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, | |||
2686 | /* setup pointers to domain name and workstation name */ | 2686 | /* setup pointers to domain name and workstation name */ |
2687 | bcc_ptr += SecurityBlobLength; | 2687 | bcc_ptr += SecurityBlobLength; |
2688 | 2688 | ||
2689 | SecurityBlob->WorkstationName.Buffer = 0; | 2689 | SecurityBlob->WorkstationName.BufferOffset = 0; |
2690 | SecurityBlob->WorkstationName.Length = 0; | 2690 | SecurityBlob->WorkstationName.Length = 0; |
2691 | SecurityBlob->WorkstationName.MaximumLength = 0; | 2691 | SecurityBlob->WorkstationName.MaximumLength = 0; |
2692 | 2692 | ||
2693 | /* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent | 2693 | /* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent |
2694 | along with username on auth request (ie the response to challenge) */ | 2694 | along with username on auth request (ie the response to challenge) */ |
2695 | SecurityBlob->DomainName.Buffer = 0; | 2695 | SecurityBlob->DomainName.BufferOffset = 0; |
2696 | SecurityBlob->DomainName.Length = 0; | 2696 | SecurityBlob->DomainName.Length = 0; |
2697 | SecurityBlob->DomainName.MaximumLength = 0; | 2697 | SecurityBlob->DomainName.MaximumLength = 0; |
2698 | if (ses->capabilities & CAP_UNICODE) { | 2698 | if (ses->capabilities & CAP_UNICODE) { |
@@ -3020,30 +3020,30 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
3020 | 3020 | ||
3021 | /* setup pointers to domain name and workstation name */ | 3021 | /* setup pointers to domain name and workstation name */ |
3022 | 3022 | ||
3023 | SecurityBlob->WorkstationName.Buffer = 0; | 3023 | SecurityBlob->WorkstationName.BufferOffset = 0; |
3024 | SecurityBlob->WorkstationName.Length = 0; | 3024 | SecurityBlob->WorkstationName.Length = 0; |
3025 | SecurityBlob->WorkstationName.MaximumLength = 0; | 3025 | SecurityBlob->WorkstationName.MaximumLength = 0; |
3026 | SecurityBlob->SessionKey.Length = 0; | 3026 | SecurityBlob->SessionKey.Length = 0; |
3027 | SecurityBlob->SessionKey.MaximumLength = 0; | 3027 | SecurityBlob->SessionKey.MaximumLength = 0; |
3028 | SecurityBlob->SessionKey.Buffer = 0; | 3028 | SecurityBlob->SessionKey.BufferOffset = 0; |
3029 | 3029 | ||
3030 | SecurityBlob->LmChallengeResponse.Length = 0; | 3030 | SecurityBlob->LmChallengeResponse.Length = 0; |
3031 | SecurityBlob->LmChallengeResponse.MaximumLength = 0; | 3031 | SecurityBlob->LmChallengeResponse.MaximumLength = 0; |
3032 | SecurityBlob->LmChallengeResponse.Buffer = 0; | 3032 | SecurityBlob->LmChallengeResponse.BufferOffset = 0; |
3033 | 3033 | ||
3034 | SecurityBlob->NtChallengeResponse.Length = | 3034 | SecurityBlob->NtChallengeResponse.Length = |
3035 | cpu_to_le16(CIFS_SESS_KEY_SIZE); | 3035 | cpu_to_le16(CIFS_SESS_KEY_SIZE); |
3036 | SecurityBlob->NtChallengeResponse.MaximumLength = | 3036 | SecurityBlob->NtChallengeResponse.MaximumLength = |
3037 | cpu_to_le16(CIFS_SESS_KEY_SIZE); | 3037 | cpu_to_le16(CIFS_SESS_KEY_SIZE); |
3038 | memcpy(bcc_ptr, ntlm_session_key, CIFS_SESS_KEY_SIZE); | 3038 | memcpy(bcc_ptr, ntlm_session_key, CIFS_SESS_KEY_SIZE); |
3039 | SecurityBlob->NtChallengeResponse.Buffer = | 3039 | SecurityBlob->NtChallengeResponse.BufferOffset = |
3040 | cpu_to_le32(SecurityBlobLength); | 3040 | cpu_to_le32(SecurityBlobLength); |
3041 | SecurityBlobLength += CIFS_SESS_KEY_SIZE; | 3041 | SecurityBlobLength += CIFS_SESS_KEY_SIZE; |
3042 | bcc_ptr += CIFS_SESS_KEY_SIZE; | 3042 | bcc_ptr += CIFS_SESS_KEY_SIZE; |
3043 | 3043 | ||
3044 | if (ses->capabilities & CAP_UNICODE) { | 3044 | if (ses->capabilities & CAP_UNICODE) { |
3045 | if (domain == NULL) { | 3045 | if (domain == NULL) { |
3046 | SecurityBlob->DomainName.Buffer = 0; | 3046 | SecurityBlob->DomainName.BufferOffset = 0; |
3047 | SecurityBlob->DomainName.Length = 0; | 3047 | SecurityBlob->DomainName.Length = 0; |
3048 | SecurityBlob->DomainName.MaximumLength = 0; | 3048 | SecurityBlob->DomainName.MaximumLength = 0; |
3049 | } else { | 3049 | } else { |
@@ -3052,14 +3052,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
3052 | ln *= 2; | 3052 | ln *= 2; |
3053 | SecurityBlob->DomainName.MaximumLength = | 3053 | SecurityBlob->DomainName.MaximumLength = |
3054 | cpu_to_le16(ln); | 3054 | cpu_to_le16(ln); |
3055 | SecurityBlob->DomainName.Buffer = | 3055 | SecurityBlob->DomainName.BufferOffset = |
3056 | cpu_to_le32(SecurityBlobLength); | 3056 | cpu_to_le32(SecurityBlobLength); |
3057 | bcc_ptr += ln; | 3057 | bcc_ptr += ln; |
3058 | SecurityBlobLength += ln; | 3058 | SecurityBlobLength += ln; |
3059 | SecurityBlob->DomainName.Length = cpu_to_le16(ln); | 3059 | SecurityBlob->DomainName.Length = cpu_to_le16(ln); |
3060 | } | 3060 | } |
3061 | if (user == NULL) { | 3061 | if (user == NULL) { |
3062 | SecurityBlob->UserName.Buffer = 0; | 3062 | SecurityBlob->UserName.BufferOffset = 0; |
3063 | SecurityBlob->UserName.Length = 0; | 3063 | SecurityBlob->UserName.Length = 0; |
3064 | SecurityBlob->UserName.MaximumLength = 0; | 3064 | SecurityBlob->UserName.MaximumLength = 0; |
3065 | } else { | 3065 | } else { |
@@ -3068,7 +3068,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
3068 | ln *= 2; | 3068 | ln *= 2; |
3069 | SecurityBlob->UserName.MaximumLength = | 3069 | SecurityBlob->UserName.MaximumLength = |
3070 | cpu_to_le16(ln); | 3070 | cpu_to_le16(ln); |
3071 | SecurityBlob->UserName.Buffer = | 3071 | SecurityBlob->UserName.BufferOffset = |
3072 | cpu_to_le32(SecurityBlobLength); | 3072 | cpu_to_le32(SecurityBlobLength); |
3073 | bcc_ptr += ln; | 3073 | bcc_ptr += ln; |
3074 | SecurityBlobLength += ln; | 3074 | SecurityBlobLength += ln; |
@@ -3080,7 +3080,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
3080 | SecurityBlob->WorkstationName.Length *= 2; | 3080 | SecurityBlob->WorkstationName.Length *= 2; |
3081 | SecurityBlob->WorkstationName.MaximumLength = | 3081 | SecurityBlob->WorkstationName.MaximumLength = |
3082 | cpu_to_le16(SecurityBlob->WorkstationName.Length); | 3082 | cpu_to_le16(SecurityBlob->WorkstationName.Length); |
3083 | SecurityBlob->WorkstationName.Buffer = | 3083 | SecurityBlob->WorkstationName.BufferOffset = |
3084 | cpu_to_le32(SecurityBlobLength); | 3084 | cpu_to_le32(SecurityBlobLength); |
3085 | bcc_ptr += SecurityBlob->WorkstationName.Length; | 3085 | bcc_ptr += SecurityBlob->WorkstationName.Length; |
3086 | SecurityBlobLength += SecurityBlob->WorkstationName.Length; | 3086 | SecurityBlobLength += SecurityBlob->WorkstationName.Length; |
@@ -3112,7 +3112,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
3112 | bcc_ptr += 2; /* null domain */ | 3112 | bcc_ptr += 2; /* null domain */ |
3113 | } else { /* ASCII */ | 3113 | } else { /* ASCII */ |
3114 | if (domain == NULL) { | 3114 | if (domain == NULL) { |
3115 | SecurityBlob->DomainName.Buffer = 0; | 3115 | SecurityBlob->DomainName.BufferOffset = 0; |
3116 | SecurityBlob->DomainName.Length = 0; | 3116 | SecurityBlob->DomainName.Length = 0; |
3117 | SecurityBlob->DomainName.MaximumLength = 0; | 3117 | SecurityBlob->DomainName.MaximumLength = 0; |
3118 | } else { | 3118 | } else { |
@@ -3122,14 +3122,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
3122 | ln = strnlen(domain, 64); | 3122 | ln = strnlen(domain, 64); |
3123 | SecurityBlob->DomainName.MaximumLength = | 3123 | SecurityBlob->DomainName.MaximumLength = |
3124 | cpu_to_le16(ln); | 3124 | cpu_to_le16(ln); |
3125 | SecurityBlob->DomainName.Buffer = | 3125 | SecurityBlob->DomainName.BufferOffset = |
3126 | cpu_to_le32(SecurityBlobLength); | 3126 | cpu_to_le32(SecurityBlobLength); |
3127 | bcc_ptr += ln; | 3127 | bcc_ptr += ln; |
3128 | SecurityBlobLength += ln; | 3128 | SecurityBlobLength += ln; |
3129 | SecurityBlob->DomainName.Length = cpu_to_le16(ln); | 3129 | SecurityBlob->DomainName.Length = cpu_to_le16(ln); |
3130 | } | 3130 | } |
3131 | if (user == NULL) { | 3131 | if (user == NULL) { |
3132 | SecurityBlob->UserName.Buffer = 0; | 3132 | SecurityBlob->UserName.BufferOffset = 0; |
3133 | SecurityBlob->UserName.Length = 0; | 3133 | SecurityBlob->UserName.Length = 0; |
3134 | SecurityBlob->UserName.MaximumLength = 0; | 3134 | SecurityBlob->UserName.MaximumLength = 0; |
3135 | } else { | 3135 | } else { |
@@ -3137,7 +3137,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
3137 | strncpy(bcc_ptr, user, 63); | 3137 | strncpy(bcc_ptr, user, 63); |
3138 | ln = strnlen(user, 64); | 3138 | ln = strnlen(user, 64); |
3139 | SecurityBlob->UserName.MaximumLength = cpu_to_le16(ln); | 3139 | SecurityBlob->UserName.MaximumLength = cpu_to_le16(ln); |
3140 | SecurityBlob->UserName.Buffer = | 3140 | SecurityBlob->UserName.BufferOffset = |
3141 | cpu_to_le32(SecurityBlobLength); | 3141 | cpu_to_le32(SecurityBlobLength); |
3142 | bcc_ptr += ln; | 3142 | bcc_ptr += ln; |
3143 | SecurityBlobLength += ln; | 3143 | SecurityBlobLength += ln; |
diff --git a/fs/cifs/ntlmssp.h b/fs/cifs/ntlmssp.h index c377d8065d99..49c9a4e75319 100644 --- a/fs/cifs/ntlmssp.h +++ b/fs/cifs/ntlmssp.h | |||
@@ -27,29 +27,39 @@ | |||
27 | #define UnknownMessage cpu_to_le32(8) | 27 | #define UnknownMessage cpu_to_le32(8) |
28 | 28 | ||
29 | /* Negotiate Flags */ | 29 | /* Negotiate Flags */ |
30 | #define NTLMSSP_NEGOTIATE_UNICODE 0x01 /* Text strings are in unicode */ | 30 | #define NTLMSSP_NEGOTIATE_UNICODE 0x01 /* Text strings are unicode */ |
31 | #define NTLMSSP_NEGOTIATE_OEM 0x02 /* Text strings are in OEM */ | 31 | #define NTLMSSP_NEGOTIATE_OEM 0x02 /* Text strings are in OEM */ |
32 | #define NTLMSSP_REQUEST_TARGET 0x04 /* Server return its auth realm */ | 32 | #define NTLMSSP_REQUEST_TARGET 0x04 /* Srv returns its auth realm */ |
33 | #define NTLMSSP_NEGOTIATE_SIGN 0x0010 /* Request signature capability */ | 33 | /* define reserved9 0x08 */ |
34 | #define NTLMSSP_NEGOTIATE_SEAL 0x0020 /* Request confidentiality */ | 34 | #define NTLMSSP_NEGOTIATE_SIGN 0x0010 /* Request signing capability */ |
35 | #define NTLMSSP_NEGOTIATE_DGRAM 0x0040 | 35 | #define NTLMSSP_NEGOTIATE_SEAL 0x0020 /* Request confidentiality */ |
36 | #define NTLMSSP_NEGOTIATE_LM_KEY 0x0080 /* Sign/seal use LM session key */ | 36 | #define NTLMSSP_NEGOTIATE_DGRAM 0x0040 |
37 | #define NTLMSSP_NEGOTIATE_NTLM 0x0200 /* NTLM authentication */ | 37 | #define NTLMSSP_NEGOTIATE_LM_KEY 0x0080 /* Use LM session key */ |
38 | #define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000 | 38 | /* defined reserved 8 0x0100 */ |
39 | #define NTLMSSP_NEGOTIATE_NTLM 0x0200 /* NTLM authentication */ | ||
40 | #define NTLMSSP_NEGOTIATE_NT_ONLY 0x0400 /* Lanman not allowed */ | ||
41 | #define NTLMSSP_ANONYMOUS 0x0800 | ||
42 | #define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000 /* reserved6 */ | ||
39 | #define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000 | 43 | #define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000 |
40 | #define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000 /* client/server on same machine */ | 44 | #define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000 /* client/server same machine */ |
41 | #define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000 /* Sign for all security levels */ | 45 | #define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000 /* Sign. All security levels */ |
42 | #define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000 | 46 | #define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000 |
43 | #define NTLMSSP_TARGET_TYPE_SERVER 0x20000 | 47 | #define NTLMSSP_TARGET_TYPE_SERVER 0x20000 |
44 | #define NTLMSSP_TARGET_TYPE_SHARE 0x40000 | 48 | #define NTLMSSP_TARGET_TYPE_SHARE 0x40000 |
45 | #define NTLMSSP_NEGOTIATE_NTLMV2 0x80000 | 49 | #define NTLMSSP_NEGOTIATE_EXTENDED_SEC 0x80000 /* NB:not related to NTLMv2 pwd*/ |
46 | #define NTLMSSP_REQUEST_INIT_RESP 0x100000 | 50 | /* #define NTLMSSP_REQUEST_INIT_RESP 0x100000 */ |
47 | #define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000 | 51 | #define NTLMSSP_NEGOTIATE_IDENTIFY 0x100000 |
48 | #define NTLMSSP_REQUEST_NOT_NT_KEY 0x400000 | 52 | #define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000 /* reserved5 */ |
53 | #define NTLMSSP_REQUEST_NON_NT_KEY 0x400000 | ||
49 | #define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000 | 54 | #define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000 |
50 | #define NTLMSSP_NEGOTIATE_128 0x20000000 | 55 | /* #define reserved4 0x1000000 */ |
51 | #define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000 | 56 | #define NTLMSSP_NEGOTIATE_VERSION 0x2000000 /* we do not set */ |
52 | #define NTLMSSP_NEGOTIATE_56 0x80000000 | 57 | /* #define reserved3 0x4000000 */ |
58 | /* #define reserved2 0x8000000 */ | ||
59 | /* #define reserved1 0x10000000 */ | ||
60 | #define NTLMSSP_NEGOTIATE_128 0x20000000 | ||
61 | #define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000 | ||
62 | #define NTLMSSP_NEGOTIATE_56 0x80000000 | ||
53 | 63 | ||
54 | /* Although typedefs are not commonly used for structure definitions */ | 64 | /* Although typedefs are not commonly used for structure definitions */ |
55 | /* in the Linux kernel, in this particular case they are useful */ | 65 | /* in the Linux kernel, in this particular case they are useful */ |
@@ -60,32 +70,36 @@ | |||
60 | typedef struct _SECURITY_BUFFER { | 70 | typedef struct _SECURITY_BUFFER { |
61 | __le16 Length; | 71 | __le16 Length; |
62 | __le16 MaximumLength; | 72 | __le16 MaximumLength; |
63 | __le32 Buffer; /* offset to buffer */ | 73 | __le32 BufferOffset; /* offset to buffer */ |
64 | } __attribute__((packed)) SECURITY_BUFFER; | 74 | } __attribute__((packed)) SECURITY_BUFFER; |
65 | 75 | ||
66 | typedef struct _NEGOTIATE_MESSAGE { | 76 | typedef struct _NEGOTIATE_MESSAGE { |
67 | __u8 Signature[sizeof(NTLMSSP_SIGNATURE)]; | 77 | __u8 Signature[sizeof(NTLMSSP_SIGNATURE)]; |
68 | __le32 MessageType; /* 1 */ | 78 | __le32 MessageType; /* NtLmNegotiate = 1 */ |
69 | __le32 NegotiateFlags; | 79 | __le32 NegotiateFlags; |
70 | SECURITY_BUFFER DomainName; /* RFC 1001 style and ASCII */ | 80 | SECURITY_BUFFER DomainName; /* RFC 1001 style and ASCII */ |
71 | SECURITY_BUFFER WorkstationName; /* RFC 1001 and ASCII */ | 81 | SECURITY_BUFFER WorkstationName; /* RFC 1001 and ASCII */ |
82 | /* SECURITY_BUFFER for version info not present since we | ||
83 | do not set the version is present flag */ | ||
72 | char DomainString[0]; | 84 | char DomainString[0]; |
73 | /* followed by WorkstationString */ | 85 | /* followed by WorkstationString */ |
74 | } __attribute__((packed)) NEGOTIATE_MESSAGE, *PNEGOTIATE_MESSAGE; | 86 | } __attribute__((packed)) NEGOTIATE_MESSAGE, *PNEGOTIATE_MESSAGE; |
75 | 87 | ||
76 | typedef struct _CHALLENGE_MESSAGE { | 88 | typedef struct _CHALLENGE_MESSAGE { |
77 | __u8 Signature[sizeof(NTLMSSP_SIGNATURE)]; | 89 | __u8 Signature[sizeof(NTLMSSP_SIGNATURE)]; |
78 | __le32 MessageType; /* 2 */ | 90 | __le32 MessageType; /* NtLmChallenge = 2 */ |
79 | SECURITY_BUFFER TargetName; | 91 | SECURITY_BUFFER TargetName; |
80 | __le32 NegotiateFlags; | 92 | __le32 NegotiateFlags; |
81 | __u8 Challenge[CIFS_CRYPTO_KEY_SIZE]; | 93 | __u8 Challenge[CIFS_CRYPTO_KEY_SIZE]; |
82 | __u8 Reserved[8]; | 94 | __u8 Reserved[8]; |
83 | SECURITY_BUFFER TargetInfoArray; | 95 | SECURITY_BUFFER TargetInfoArray; |
96 | /* SECURITY_BUFFER for version info not present since we | ||
97 | do not set the version is present flag */ | ||
84 | } __attribute__((packed)) CHALLENGE_MESSAGE, *PCHALLENGE_MESSAGE; | 98 | } __attribute__((packed)) CHALLENGE_MESSAGE, *PCHALLENGE_MESSAGE; |
85 | 99 | ||
86 | typedef struct _AUTHENTICATE_MESSAGE { | 100 | typedef struct _AUTHENTICATE_MESSAGE { |
87 | __u8 Signature[sizeof (NTLMSSP_SIGNATURE)]; | 101 | __u8 Signature[sizeof(NTLMSSP_SIGNATURE)]; |
88 | __le32 MessageType; /* 3 */ | 102 | __le32 MessageType; /* NtLmsAuthenticate = 3 */ |
89 | SECURITY_BUFFER LmChallengeResponse; | 103 | SECURITY_BUFFER LmChallengeResponse; |
90 | SECURITY_BUFFER NtChallengeResponse; | 104 | SECURITY_BUFFER NtChallengeResponse; |
91 | SECURITY_BUFFER DomainName; | 105 | SECURITY_BUFFER DomainName; |
@@ -93,5 +107,7 @@ typedef struct _AUTHENTICATE_MESSAGE { | |||
93 | SECURITY_BUFFER WorkstationName; | 107 | SECURITY_BUFFER WorkstationName; |
94 | SECURITY_BUFFER SessionKey; | 108 | SECURITY_BUFFER SessionKey; |
95 | __le32 NegotiateFlags; | 109 | __le32 NegotiateFlags; |
110 | /* SECURITY_BUFFER for version info not present since we | ||
111 | do not set the version is present flag */ | ||
96 | char UserString[0]; | 112 | char UserString[0]; |
97 | } __attribute__((packed)) AUTHENTICATE_MESSAGE, *PAUTHENTICATE_MESSAGE; | 113 | } __attribute__((packed)) AUTHENTICATE_MESSAGE, *PAUTHENTICATE_MESSAGE; |