diff options
author | Steve French <sfrench@us.ibm.com> | 2006-12-07 23:14:28 -0500 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2006-12-07 23:14:28 -0500 |
commit | 33ec32fae0e2c4433bfd1e74cbde6cb16604a719 (patch) | |
tree | d1752424d29d226e4d23868d186fdb16d66e6f25 | |
parent | c99767974ebd2a719d849fdeaaa1674456f5283f (diff) |
[CIFS] Fix NTLMv2 mounts to Windows servers
Windows servers are pickier about NTLMv2 than Samba.
This enables more secure mounts to Windows (not just Samba)
ie when "sec=ntlmv2" is specified on the mount.
Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r-- | fs/cifs/CHANGES | 3 | ||||
-rw-r--r-- | fs/cifs/cifsencrypt.c | 4 | ||||
-rw-r--r-- | fs/cifs/cifspdu.h | 8 |
3 files changed, 12 insertions, 3 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index 0b3c37ef52e0..3539d6ef9611 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES | |||
@@ -5,7 +5,8 @@ Allow null user to be specified on mount ("username="). Do not return | |||
5 | EINVAL on readdir when filldir fails due to overwritten blocksize | 5 | EINVAL on readdir when filldir fails due to overwritten blocksize |
6 | (fixes FC problem). Return error in rename 2nd attempt retry (ie report | 6 | (fixes FC problem). Return error in rename 2nd attempt retry (ie report |
7 | if rename by handle also fails, after rename by path fails, we were | 7 | if rename by handle also fails, after rename by path fails, we were |
8 | not reporting whether the retry worked or not). | 8 | not reporting whether the retry worked or not). Fix NTLMv2 to |
9 | work to Windows servers (mount with option "sec=ntlmv2"). | ||
9 | 10 | ||
10 | Version 1.45 | 11 | Version 1.45 |
11 | ------------ | 12 | ------------ |
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 4bc250b2d9fc..fdeda519eace 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c | |||
@@ -372,8 +372,10 @@ void setup_ntlmv2_rsp(struct cifsSesInfo * ses, char * resp_buf, | |||
372 | buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); | 372 | buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); |
373 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); | 373 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); |
374 | buf->reserved2 = 0; | 374 | buf->reserved2 = 0; |
375 | buf->names[0].type = 0; | 375 | buf->names[0].type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE); |
376 | buf->names[0].length = 0; | 376 | buf->names[0].length = 0; |
377 | buf->names[1].type = 0; | ||
378 | buf->names[1].length = 0; | ||
377 | 379 | ||
378 | /* calculate buf->ntlmv2_hash */ | 380 | /* calculate buf->ntlmv2_hash */ |
379 | rc = calc_ntlmv2_hash(ses, nls_cp); | 381 | rc = calc_ntlmv2_hash(ses, nls_cp); |
diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index 6df9dadba647..068ef51edbf7 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h | |||
@@ -580,6 +580,12 @@ typedef union smb_com_session_setup_andx { | |||
580 | 580 | ||
581 | /* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */ | 581 | /* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */ |
582 | 582 | ||
583 | #define NTLMSSP_SERVER_TYPE 1 | ||
584 | #define NTLMSSP_DOMAIN_TYPE 2 | ||
585 | #define NTLMSSP_FQ_DOMAIN_TYPE 3 | ||
586 | #define NTLMSSP_DNS_DOMAIN_TYPE 4 | ||
587 | #define NTLMSSP_DNS_PARENT_TYPE 5 | ||
588 | |||
583 | struct ntlmssp2_name { | 589 | struct ntlmssp2_name { |
584 | __le16 type; | 590 | __le16 type; |
585 | __le16 length; | 591 | __le16 length; |
@@ -593,7 +599,7 @@ struct ntlmv2_resp { | |||
593 | __le64 time; | 599 | __le64 time; |
594 | __u64 client_chal; /* random */ | 600 | __u64 client_chal; /* random */ |
595 | __u32 reserved2; | 601 | __u32 reserved2; |
596 | struct ntlmssp2_name names[1]; | 602 | struct ntlmssp2_name names[2]; |
597 | /* array of name entries could follow ending in minimum 4 byte struct */ | 603 | /* array of name entries could follow ending in minimum 4 byte struct */ |
598 | } __attribute__((packed)); | 604 | } __attribute__((packed)); |
599 | 605 | ||