diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2010-09-13 15:47:08 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-09-13 15:47:08 -0400 |
commit | ed8f425f546a2242a97f61fabcbe9e50a2559a19 (patch) | |
tree | 5e580d4c654191b73fc5981785ebf1e52e575b4a | |
parent | 1421e98662f1cab802e0fa39d16b8dc6b874a4eb (diff) | |
parent | 32670396e7fc6e4f37451a69339968985461a374 (diff) |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6:
cifs: prevent possible memory corruption in cifs_demultiplex_thread
cifs: eliminate some more premature cifsd exits
cifs: prevent cifsd from exiting prematurely
[CIFS] ntlmv2/ntlmssp remove-unused-function CalcNTLMv2_partial_mac_key
cifs: eliminate redundant xdev check in cifs_rename
Revert "[CIFS] Fix ntlmv2 auth with ntlmssp"
Revert "missing changes during ntlmv2/ntlmssp auth and sign"
Revert "Eliminate sparse warning - bad constant expression"
Revert "[CIFS] Eliminate unused variable warning"
-rw-r--r-- | fs/cifs/Kconfig | 2 | ||||
-rw-r--r-- | fs/cifs/asn1.c | 6 | ||||
-rw-r--r-- | fs/cifs/cifsencrypt.c | 418 | ||||
-rw-r--r-- | fs/cifs/cifsglob.h | 25 | ||||
-rw-r--r-- | fs/cifs/cifspdu.h | 7 | ||||
-rw-r--r-- | fs/cifs/cifsproto.h | 13 | ||||
-rw-r--r-- | fs/cifs/cifssmb.c | 13 | ||||
-rw-r--r-- | fs/cifs/connect.c | 71 | ||||
-rw-r--r-- | fs/cifs/inode.c | 30 | ||||
-rw-r--r-- | fs/cifs/netmisc.c | 22 | ||||
-rw-r--r-- | fs/cifs/ntlmssp.h | 13 | ||||
-rw-r--r-- | fs/cifs/sess.c | 132 | ||||
-rw-r--r-- | fs/cifs/transport.c | 6 |
13 files changed, 166 insertions, 592 deletions
diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index 0da1debd499d..917b7d449bb2 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig | |||
@@ -2,8 +2,6 @@ config CIFS | |||
2 | tristate "CIFS support (advanced network filesystem, SMBFS successor)" | 2 | tristate "CIFS support (advanced network filesystem, SMBFS successor)" |
3 | depends on INET | 3 | depends on INET |
4 | select NLS | 4 | select NLS |
5 | select CRYPTO_MD5 | ||
6 | select CRYPTO_ARC4 | ||
7 | help | 5 | help |
8 | This is the client VFS module for the Common Internet File System | 6 | This is the client VFS module for the Common Internet File System |
9 | (CIFS) protocol which is the successor to the Server Message Block | 7 | (CIFS) protocol which is the successor to the Server Message Block |
diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c index 21f0fbd86989..cfd1ce34e0bc 100644 --- a/fs/cifs/asn1.c +++ b/fs/cifs/asn1.c | |||
@@ -597,13 +597,13 @@ decode_negTokenInit(unsigned char *security_blob, int length, | |||
597 | if (compare_oid(oid, oidlen, MSKRB5_OID, | 597 | if (compare_oid(oid, oidlen, MSKRB5_OID, |
598 | MSKRB5_OID_LEN)) | 598 | MSKRB5_OID_LEN)) |
599 | server->sec_mskerberos = true; | 599 | server->sec_mskerberos = true; |
600 | if (compare_oid(oid, oidlen, KRB5U2U_OID, | 600 | else if (compare_oid(oid, oidlen, KRB5U2U_OID, |
601 | KRB5U2U_OID_LEN)) | 601 | KRB5U2U_OID_LEN)) |
602 | server->sec_kerberosu2u = true; | 602 | server->sec_kerberosu2u = true; |
603 | if (compare_oid(oid, oidlen, KRB5_OID, | 603 | else if (compare_oid(oid, oidlen, KRB5_OID, |
604 | KRB5_OID_LEN)) | 604 | KRB5_OID_LEN)) |
605 | server->sec_kerberos = true; | 605 | server->sec_kerberos = true; |
606 | if (compare_oid(oid, oidlen, NTLMSSP_OID, | 606 | else if (compare_oid(oid, oidlen, NTLMSSP_OID, |
607 | NTLMSSP_OID_LEN)) | 607 | NTLMSSP_OID_LEN)) |
608 | server->sec_ntlmssp = true; | 608 | server->sec_ntlmssp = true; |
609 | 609 | ||
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 709f2296bdb4..35042d8f7338 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c | |||
@@ -27,7 +27,6 @@ | |||
27 | #include "md5.h" | 27 | #include "md5.h" |
28 | #include "cifs_unicode.h" | 28 | #include "cifs_unicode.h" |
29 | #include "cifsproto.h" | 29 | #include "cifsproto.h" |
30 | #include "ntlmssp.h" | ||
31 | #include <linux/ctype.h> | 30 | #include <linux/ctype.h> |
32 | #include <linux/random.h> | 31 | #include <linux/random.h> |
33 | 32 | ||
@@ -43,43 +42,21 @@ extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8, | |||
43 | unsigned char *p24); | 42 | unsigned char *p24); |
44 | 43 | ||
45 | static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, | 44 | static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, |
46 | struct TCP_Server_Info *server, char *signature) | 45 | const struct mac_key *key, char *signature) |
47 | { | 46 | { |
48 | int rc; | 47 | struct MD5Context context; |
49 | 48 | ||
50 | if (cifs_pdu == NULL || server == NULL || signature == NULL) | 49 | if ((cifs_pdu == NULL) || (signature == NULL) || (key == NULL)) |
51 | return -EINVAL; | 50 | return -EINVAL; |
52 | 51 | ||
53 | if (!server->ntlmssp.sdescmd5) { | 52 | cifs_MD5_init(&context); |
54 | cERROR(1, | 53 | cifs_MD5_update(&context, (char *)&key->data, key->len); |
55 | "cifs_calculate_signature: can't generate signature\n"); | 54 | cifs_MD5_update(&context, cifs_pdu->Protocol, cifs_pdu->smb_buf_length); |
56 | return -1; | ||
57 | } | ||
58 | |||
59 | rc = crypto_shash_init(&server->ntlmssp.sdescmd5->shash); | ||
60 | if (rc) { | ||
61 | cERROR(1, "cifs_calculate_signature: oould not init md5\n"); | ||
62 | return rc; | ||
63 | } | ||
64 | |||
65 | if (server->secType == RawNTLMSSP) | ||
66 | crypto_shash_update(&server->ntlmssp.sdescmd5->shash, | ||
67 | server->session_key.data.ntlmv2.key, | ||
68 | CIFS_NTLMV2_SESSKEY_SIZE); | ||
69 | else | ||
70 | crypto_shash_update(&server->ntlmssp.sdescmd5->shash, | ||
71 | (char *)&server->session_key.data, | ||
72 | server->session_key.len); | ||
73 | |||
74 | crypto_shash_update(&server->ntlmssp.sdescmd5->shash, | ||
75 | cifs_pdu->Protocol, cifs_pdu->smb_buf_length); | ||
76 | 55 | ||
77 | rc = crypto_shash_final(&server->ntlmssp.sdescmd5->shash, signature); | 56 | cifs_MD5_final(signature, &context); |
78 | 57 | return 0; | |
79 | return rc; | ||
80 | } | 58 | } |
81 | 59 | ||
82 | |||
83 | int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, | 60 | int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, |
84 | __u32 *pexpected_response_sequence_number) | 61 | __u32 *pexpected_response_sequence_number) |
85 | { | 62 | { |
@@ -101,7 +78,8 @@ int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, | |||
101 | server->sequence_number++; | 78 | server->sequence_number++; |
102 | spin_unlock(&GlobalMid_Lock); | 79 | spin_unlock(&GlobalMid_Lock); |
103 | 80 | ||
104 | rc = cifs_calculate_signature(cifs_pdu, server, smb_signature); | 81 | rc = cifs_calculate_signature(cifs_pdu, &server->mac_signing_key, |
82 | smb_signature); | ||
105 | if (rc) | 83 | if (rc) |
106 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); | 84 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); |
107 | else | 85 | else |
@@ -111,39 +89,21 @@ int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, | |||
111 | } | 89 | } |
112 | 90 | ||
113 | static int cifs_calc_signature2(const struct kvec *iov, int n_vec, | 91 | static int cifs_calc_signature2(const struct kvec *iov, int n_vec, |
114 | struct TCP_Server_Info *server, char *signature) | 92 | const struct mac_key *key, char *signature) |
115 | { | 93 | { |
94 | struct MD5Context context; | ||
116 | int i; | 95 | int i; |
117 | int rc; | ||
118 | 96 | ||
119 | if (iov == NULL || server == NULL || signature == NULL) | 97 | if ((iov == NULL) || (signature == NULL) || (key == NULL)) |
120 | return -EINVAL; | 98 | return -EINVAL; |
121 | 99 | ||
122 | if (!server->ntlmssp.sdescmd5) { | 100 | cifs_MD5_init(&context); |
123 | cERROR(1, "cifs_calc_signature2: can't generate signature\n"); | 101 | cifs_MD5_update(&context, (char *)&key->data, key->len); |
124 | return -1; | ||
125 | } | ||
126 | |||
127 | rc = crypto_shash_init(&server->ntlmssp.sdescmd5->shash); | ||
128 | if (rc) { | ||
129 | cERROR(1, "cifs_calc_signature2: oould not init md5\n"); | ||
130 | return rc; | ||
131 | } | ||
132 | |||
133 | if (server->secType == RawNTLMSSP) | ||
134 | crypto_shash_update(&server->ntlmssp.sdescmd5->shash, | ||
135 | server->session_key.data.ntlmv2.key, | ||
136 | CIFS_NTLMV2_SESSKEY_SIZE); | ||
137 | else | ||
138 | crypto_shash_update(&server->ntlmssp.sdescmd5->shash, | ||
139 | (char *)&server->session_key.data, | ||
140 | server->session_key.len); | ||
141 | |||
142 | for (i = 0; i < n_vec; i++) { | 102 | for (i = 0; i < n_vec; i++) { |
143 | if (iov[i].iov_len == 0) | 103 | if (iov[i].iov_len == 0) |
144 | continue; | 104 | continue; |
145 | if (iov[i].iov_base == NULL) { | 105 | if (iov[i].iov_base == NULL) { |
146 | cERROR(1, "cifs_calc_signature2: null iovec entry"); | 106 | cERROR(1, "null iovec entry"); |
147 | return -EIO; | 107 | return -EIO; |
148 | } | 108 | } |
149 | /* The first entry includes a length field (which does not get | 109 | /* The first entry includes a length field (which does not get |
@@ -151,18 +111,18 @@ static int cifs_calc_signature2(const struct kvec *iov, int n_vec, | |||
151 | if (i == 0) { | 111 | if (i == 0) { |
152 | if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ | 112 | if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ |
153 | break; /* nothing to sign or corrupt header */ | 113 | break; /* nothing to sign or corrupt header */ |
154 | crypto_shash_update(&server->ntlmssp.sdescmd5->shash, | 114 | cifs_MD5_update(&context, iov[0].iov_base+4, |
155 | iov[i].iov_base + 4, iov[i].iov_len - 4); | 115 | iov[0].iov_len-4); |
156 | } else | 116 | } else |
157 | crypto_shash_update(&server->ntlmssp.sdescmd5->shash, | 117 | cifs_MD5_update(&context, iov[i].iov_base, iov[i].iov_len); |
158 | iov[i].iov_base, iov[i].iov_len); | ||
159 | } | 118 | } |
160 | 119 | ||
161 | rc = crypto_shash_final(&server->ntlmssp.sdescmd5->shash, signature); | 120 | cifs_MD5_final(signature, &context); |
162 | 121 | ||
163 | return rc; | 122 | return 0; |
164 | } | 123 | } |
165 | 124 | ||
125 | |||
166 | int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, | 126 | int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, |
167 | __u32 *pexpected_response_sequence_number) | 127 | __u32 *pexpected_response_sequence_number) |
168 | { | 128 | { |
@@ -185,7 +145,8 @@ int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, | |||
185 | server->sequence_number++; | 145 | server->sequence_number++; |
186 | spin_unlock(&GlobalMid_Lock); | 146 | spin_unlock(&GlobalMid_Lock); |
187 | 147 | ||
188 | rc = cifs_calc_signature2(iov, n_vec, server, smb_signature); | 148 | rc = cifs_calc_signature2(iov, n_vec, &server->mac_signing_key, |
149 | smb_signature); | ||
189 | if (rc) | 150 | if (rc) |
190 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); | 151 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); |
191 | else | 152 | else |
@@ -195,14 +156,14 @@ int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, | |||
195 | } | 156 | } |
196 | 157 | ||
197 | int cifs_verify_signature(struct smb_hdr *cifs_pdu, | 158 | int cifs_verify_signature(struct smb_hdr *cifs_pdu, |
198 | struct TCP_Server_Info *server, | 159 | const struct mac_key *mac_key, |
199 | __u32 expected_sequence_number) | 160 | __u32 expected_sequence_number) |
200 | { | 161 | { |
201 | int rc; | 162 | unsigned int rc; |
202 | char server_response_sig[8]; | 163 | char server_response_sig[8]; |
203 | char what_we_think_sig_should_be[20]; | 164 | char what_we_think_sig_should_be[20]; |
204 | 165 | ||
205 | if (cifs_pdu == NULL || server == NULL) | 166 | if ((cifs_pdu == NULL) || (mac_key == NULL)) |
206 | return -EINVAL; | 167 | return -EINVAL; |
207 | 168 | ||
208 | if (cifs_pdu->Command == SMB_COM_NEGOTIATE) | 169 | if (cifs_pdu->Command == SMB_COM_NEGOTIATE) |
@@ -231,7 +192,7 @@ int cifs_verify_signature(struct smb_hdr *cifs_pdu, | |||
231 | cpu_to_le32(expected_sequence_number); | 192 | cpu_to_le32(expected_sequence_number); |
232 | cifs_pdu->Signature.Sequence.Reserved = 0; | 193 | cifs_pdu->Signature.Sequence.Reserved = 0; |
233 | 194 | ||
234 | rc = cifs_calculate_signature(cifs_pdu, server, | 195 | rc = cifs_calculate_signature(cifs_pdu, mac_key, |
235 | what_we_think_sig_should_be); | 196 | what_we_think_sig_should_be); |
236 | 197 | ||
237 | if (rc) | 198 | if (rc) |
@@ -248,7 +209,7 @@ int cifs_verify_signature(struct smb_hdr *cifs_pdu, | |||
248 | } | 209 | } |
249 | 210 | ||
250 | /* We fill in key by putting in 40 byte array which was allocated by caller */ | 211 | /* We fill in key by putting in 40 byte array which was allocated by caller */ |
251 | int cifs_calculate_session_key(struct session_key *key, const char *rn, | 212 | int cifs_calculate_mac_key(struct mac_key *key, const char *rn, |
252 | const char *password) | 213 | const char *password) |
253 | { | 214 | { |
254 | char temp_key[16]; | 215 | char temp_key[16]; |
@@ -306,52 +267,38 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | |||
306 | { | 267 | { |
307 | int rc = 0; | 268 | int rc = 0; |
308 | int len; | 269 | int len; |
309 | char nt_hash[CIFS_NTHASH_SIZE]; | 270 | char nt_hash[16]; |
271 | struct HMACMD5Context *pctxt; | ||
310 | wchar_t *user; | 272 | wchar_t *user; |
311 | wchar_t *domain; | 273 | wchar_t *domain; |
312 | wchar_t *server; | ||
313 | 274 | ||
314 | if (!ses->server->ntlmssp.sdeschmacmd5) { | 275 | pctxt = kmalloc(sizeof(struct HMACMD5Context), GFP_KERNEL); |
315 | cERROR(1, "calc_ntlmv2_hash: can't generate ntlmv2 hash\n"); | 276 | |
316 | return -1; | 277 | if (pctxt == NULL) |
317 | } | 278 | return -ENOMEM; |
318 | 279 | ||
319 | /* calculate md4 hash of password */ | 280 | /* calculate md4 hash of password */ |
320 | E_md4hash(ses->password, nt_hash); | 281 | E_md4hash(ses->password, nt_hash); |
321 | 282 | ||
322 | crypto_shash_setkey(ses->server->ntlmssp.hmacmd5, nt_hash, | 283 | /* convert Domainname to unicode and uppercase */ |
323 | CIFS_NTHASH_SIZE); | 284 | hmac_md5_init_limK_to_64(nt_hash, 16, pctxt); |
324 | |||
325 | rc = crypto_shash_init(&ses->server->ntlmssp.sdeschmacmd5->shash); | ||
326 | if (rc) { | ||
327 | cERROR(1, "calc_ntlmv2_hash: could not init hmacmd5\n"); | ||
328 | return rc; | ||
329 | } | ||
330 | 285 | ||
331 | /* convert ses->userName to unicode and uppercase */ | 286 | /* convert ses->userName to unicode and uppercase */ |
332 | len = strlen(ses->userName); | 287 | len = strlen(ses->userName); |
333 | user = kmalloc(2 + (len * 2), GFP_KERNEL); | 288 | user = kmalloc(2 + (len * 2), GFP_KERNEL); |
334 | if (user == NULL) { | 289 | if (user == NULL) |
335 | cERROR(1, "calc_ntlmv2_hash: user mem alloc failure\n"); | ||
336 | rc = -ENOMEM; | ||
337 | goto calc_exit_2; | 290 | goto calc_exit_2; |
338 | } | ||
339 | len = cifs_strtoUCS((__le16 *)user, ses->userName, len, nls_cp); | 291 | len = cifs_strtoUCS((__le16 *)user, ses->userName, len, nls_cp); |
340 | UniStrupr(user); | 292 | UniStrupr(user); |
341 | 293 | hmac_md5_update((char *)user, 2*len, pctxt); | |
342 | crypto_shash_update(&ses->server->ntlmssp.sdeschmacmd5->shash, | ||
343 | (char *)user, 2 * len); | ||
344 | 294 | ||
345 | /* convert ses->domainName to unicode and uppercase */ | 295 | /* convert ses->domainName to unicode and uppercase */ |
346 | if (ses->domainName) { | 296 | if (ses->domainName) { |
347 | len = strlen(ses->domainName); | 297 | len = strlen(ses->domainName); |
348 | 298 | ||
349 | domain = kmalloc(2 + (len * 2), GFP_KERNEL); | 299 | domain = kmalloc(2 + (len * 2), GFP_KERNEL); |
350 | if (domain == NULL) { | 300 | if (domain == NULL) |
351 | cERROR(1, "calc_ntlmv2_hash: domain mem alloc failure"); | ||
352 | rc = -ENOMEM; | ||
353 | goto calc_exit_1; | 301 | goto calc_exit_1; |
354 | } | ||
355 | len = cifs_strtoUCS((__le16 *)domain, ses->domainName, len, | 302 | len = cifs_strtoUCS((__le16 *)domain, ses->domainName, len, |
356 | nls_cp); | 303 | nls_cp); |
357 | /* the following line was removed since it didn't work well | 304 | /* the following line was removed since it didn't work well |
@@ -359,292 +306,65 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | |||
359 | Maybe converting the domain name earlier makes sense */ | 306 | Maybe converting the domain name earlier makes sense */ |
360 | /* UniStrupr(domain); */ | 307 | /* UniStrupr(domain); */ |
361 | 308 | ||
362 | crypto_shash_update(&ses->server->ntlmssp.sdeschmacmd5->shash, | 309 | hmac_md5_update((char *)domain, 2*len, pctxt); |
363 | (char *)domain, 2 * len); | ||
364 | 310 | ||
365 | kfree(domain); | 311 | kfree(domain); |
366 | } else if (ses->serverName) { | ||
367 | len = strlen(ses->serverName); | ||
368 | |||
369 | server = kmalloc(2 + (len * 2), GFP_KERNEL); | ||
370 | if (server == NULL) { | ||
371 | cERROR(1, "calc_ntlmv2_hash: server mem alloc failure"); | ||
372 | rc = -ENOMEM; | ||
373 | goto calc_exit_1; | ||
374 | } | ||
375 | len = cifs_strtoUCS((__le16 *)server, ses->serverName, len, | ||
376 | nls_cp); | ||
377 | /* the following line was removed since it didn't work well | ||
378 | with lower cased domain name that passed as an option. | ||
379 | Maybe converting the domain name earlier makes sense */ | ||
380 | /* UniStrupr(domain); */ | ||
381 | |||
382 | crypto_shash_update(&ses->server->ntlmssp.sdeschmacmd5->shash, | ||
383 | (char *)server, 2 * len); | ||
384 | |||
385 | kfree(server); | ||
386 | } | 312 | } |
387 | |||
388 | rc = crypto_shash_final(&ses->server->ntlmssp.sdeschmacmd5->shash, | ||
389 | ses->server->ntlmv2_hash); | ||
390 | |||
391 | calc_exit_1: | 313 | calc_exit_1: |
392 | kfree(user); | 314 | kfree(user); |
393 | calc_exit_2: | 315 | calc_exit_2: |
394 | /* BB FIXME what about bytes 24 through 40 of the signing key? | 316 | /* BB FIXME what about bytes 24 through 40 of the signing key? |
395 | compare with the NTLM example */ | 317 | compare with the NTLM example */ |
318 | hmac_md5_final(ses->server->ntlmv2_hash, pctxt); | ||
396 | 319 | ||
320 | kfree(pctxt); | ||
397 | return rc; | 321 | return rc; |
398 | } | 322 | } |
399 | 323 | ||
400 | static int | 324 | void setup_ntlmv2_rsp(struct cifsSesInfo *ses, char *resp_buf, |
401 | find_domain_name(struct cifsSesInfo *ses) | ||
402 | { | ||
403 | int rc = 0; | ||
404 | unsigned int attrsize; | ||
405 | unsigned int type; | ||
406 | unsigned char *blobptr; | ||
407 | struct ntlmssp2_name *attrptr; | ||
408 | |||
409 | if (ses->server->tiblob) { | ||
410 | blobptr = ses->server->tiblob; | ||
411 | attrptr = (struct ntlmssp2_name *) blobptr; | ||
412 | |||
413 | while ((type = attrptr->type) != 0) { | ||
414 | blobptr += 2; /* advance attr type */ | ||
415 | attrsize = attrptr->length; | ||
416 | blobptr += 2; /* advance attr size */ | ||
417 | if (type == NTLMSSP_AV_NB_DOMAIN_NAME) { | ||
418 | if (!ses->domainName) { | ||
419 | ses->domainName = | ||
420 | kmalloc(attrptr->length + 1, | ||
421 | GFP_KERNEL); | ||
422 | if (!ses->domainName) | ||
423 | return -ENOMEM; | ||
424 | cifs_from_ucs2(ses->domainName, | ||
425 | (__le16 *)blobptr, | ||
426 | attrptr->length, | ||
427 | attrptr->length, | ||
428 | load_nls_default(), false); | ||
429 | } | ||
430 | } | ||
431 | blobptr += attrsize; /* advance attr value */ | ||
432 | attrptr = (struct ntlmssp2_name *) blobptr; | ||
433 | } | ||
434 | } else { | ||
435 | ses->server->tilen = 2 * sizeof(struct ntlmssp2_name); | ||
436 | ses->server->tiblob = kmalloc(ses->server->tilen, GFP_KERNEL); | ||
437 | if (!ses->server->tiblob) { | ||
438 | ses->server->tilen = 0; | ||
439 | cERROR(1, "Challenge target info allocation failure"); | ||
440 | return -ENOMEM; | ||
441 | } | ||
442 | memset(ses->server->tiblob, 0x0, ses->server->tilen); | ||
443 | attrptr = (struct ntlmssp2_name *) ses->server->tiblob; | ||
444 | attrptr->type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE); | ||
445 | } | ||
446 | |||
447 | return rc; | ||
448 | } | ||
449 | |||
450 | static int | ||
451 | CalcNTLMv2_response(const struct TCP_Server_Info *server, | ||
452 | char *v2_session_response) | ||
453 | { | ||
454 | int rc; | ||
455 | |||
456 | if (!server->ntlmssp.sdeschmacmd5) { | ||
457 | cERROR(1, "calc_ntlmv2_hash: can't generate ntlmv2 hash\n"); | ||
458 | return -1; | ||
459 | } | ||
460 | |||
461 | crypto_shash_setkey(server->ntlmssp.hmacmd5, server->ntlmv2_hash, | ||
462 | CIFS_HMAC_MD5_HASH_SIZE); | ||
463 | |||
464 | rc = crypto_shash_init(&server->ntlmssp.sdeschmacmd5->shash); | ||
465 | if (rc) { | ||
466 | cERROR(1, "CalcNTLMv2_response: could not init hmacmd5"); | ||
467 | return rc; | ||
468 | } | ||
469 | |||
470 | memcpy(v2_session_response + CIFS_SERVER_CHALLENGE_SIZE, | ||
471 | server->cryptKey, CIFS_SERVER_CHALLENGE_SIZE); | ||
472 | crypto_shash_update(&server->ntlmssp.sdeschmacmd5->shash, | ||
473 | v2_session_response + CIFS_SERVER_CHALLENGE_SIZE, | ||
474 | sizeof(struct ntlmv2_resp) - CIFS_SERVER_CHALLENGE_SIZE); | ||
475 | |||
476 | if (server->tilen) | ||
477 | crypto_shash_update(&server->ntlmssp.sdeschmacmd5->shash, | ||
478 | server->tiblob, server->tilen); | ||
479 | |||
480 | rc = crypto_shash_final(&server->ntlmssp.sdeschmacmd5->shash, | ||
481 | v2_session_response); | ||
482 | |||
483 | return rc; | ||
484 | } | ||
485 | |||
486 | int | ||
487 | setup_ntlmv2_rsp(struct cifsSesInfo *ses, char *resp_buf, | ||
488 | const struct nls_table *nls_cp) | 325 | const struct nls_table *nls_cp) |
489 | { | 326 | { |
490 | int rc = 0; | 327 | int rc; |
491 | struct ntlmv2_resp *buf = (struct ntlmv2_resp *)resp_buf; | 328 | struct ntlmv2_resp *buf = (struct ntlmv2_resp *)resp_buf; |
329 | struct HMACMD5Context context; | ||
492 | 330 | ||
493 | buf->blob_signature = cpu_to_le32(0x00000101); | 331 | buf->blob_signature = cpu_to_le32(0x00000101); |
494 | buf->reserved = 0; | 332 | buf->reserved = 0; |
495 | buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); | 333 | buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); |
496 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); | 334 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); |
497 | buf->reserved2 = 0; | 335 | buf->reserved2 = 0; |
498 | 336 | buf->names[0].type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE); | |
499 | if (!ses->domainName) { | 337 | buf->names[0].length = 0; |
500 | rc = find_domain_name(ses); | 338 | buf->names[1].type = 0; |
501 | if (rc) { | 339 | buf->names[1].length = 0; |
502 | cERROR(1, "could not get domain/server name rc %d", rc); | ||
503 | return rc; | ||
504 | } | ||
505 | } | ||
506 | 340 | ||
507 | /* calculate buf->ntlmv2_hash */ | 341 | /* calculate buf->ntlmv2_hash */ |
508 | rc = calc_ntlmv2_hash(ses, nls_cp); | 342 | rc = calc_ntlmv2_hash(ses, nls_cp); |
509 | if (rc) { | 343 | if (rc) |
510 | cERROR(1, "could not get v2 hash rc %d", rc); | ||
511 | return rc; | ||
512 | } | ||
513 | rc = CalcNTLMv2_response(ses->server, resp_buf); | ||
514 | if (rc) { | ||
515 | cERROR(1, "could not get v2 hash rc %d", rc); | 344 | cERROR(1, "could not get v2 hash rc %d", rc); |
516 | return rc; | 345 | CalcNTLMv2_response(ses, resp_buf); |
517 | } | ||
518 | |||
519 | if (!ses->server->ntlmssp.sdeschmacmd5) { | ||
520 | cERROR(1, "calc_ntlmv2_hash: can't generate ntlmv2 hash\n"); | ||
521 | return -1; | ||
522 | } | ||
523 | |||
524 | crypto_shash_setkey(ses->server->ntlmssp.hmacmd5, | ||
525 | ses->server->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); | ||
526 | 346 | ||
527 | rc = crypto_shash_init(&ses->server->ntlmssp.sdeschmacmd5->shash); | 347 | /* now calculate the MAC key for NTLMv2 */ |
528 | if (rc) { | 348 | hmac_md5_init_limK_to_64(ses->server->ntlmv2_hash, 16, &context); |
529 | cERROR(1, "setup_ntlmv2_rsp: could not init hmacmd5\n"); | 349 | hmac_md5_update(resp_buf, 16, &context); |
530 | return rc; | 350 | hmac_md5_final(ses->server->mac_signing_key.data.ntlmv2.key, &context); |
531 | } | ||
532 | 351 | ||
533 | crypto_shash_update(&ses->server->ntlmssp.sdeschmacmd5->shash, | 352 | memcpy(&ses->server->mac_signing_key.data.ntlmv2.resp, resp_buf, |
534 | resp_buf, CIFS_HMAC_MD5_HASH_SIZE); | 353 | sizeof(struct ntlmv2_resp)); |
535 | 354 | ses->server->mac_signing_key.len = 16 + sizeof(struct ntlmv2_resp); | |
536 | rc = crypto_shash_final(&ses->server->ntlmssp.sdeschmacmd5->shash, | ||
537 | ses->server->session_key.data.ntlmv2.key); | ||
538 | |||
539 | memcpy(&ses->server->session_key.data.ntlmv2.resp, resp_buf, | ||
540 | sizeof(struct ntlmv2_resp)); | ||
541 | ses->server->session_key.len = 16 + sizeof(struct ntlmv2_resp); | ||
542 | |||
543 | return rc; | ||
544 | } | 355 | } |
545 | 356 | ||
546 | int | 357 | void CalcNTLMv2_response(const struct cifsSesInfo *ses, |
547 | calc_seckey(struct TCP_Server_Info *server) | 358 | char *v2_session_response) |
548 | { | ||
549 | int rc; | ||
550 | unsigned char sec_key[CIFS_NTLMV2_SESSKEY_SIZE]; | ||
551 | struct crypto_blkcipher *tfm_arc4; | ||
552 | struct scatterlist sgin, sgout; | ||
553 | struct blkcipher_desc desc; | ||
554 | |||
555 | get_random_bytes(sec_key, CIFS_NTLMV2_SESSKEY_SIZE); | ||
556 | |||
557 | tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", | ||
558 | 0, CRYPTO_ALG_ASYNC); | ||
559 | if (!tfm_arc4 || IS_ERR(tfm_arc4)) { | ||
560 | cERROR(1, "could not allocate " "master crypto API arc4\n"); | ||
561 | return 1; | ||
562 | } | ||
563 | |||
564 | desc.tfm = tfm_arc4; | ||
565 | |||
566 | crypto_blkcipher_setkey(tfm_arc4, | ||
567 | server->session_key.data.ntlmv2.key, CIFS_CPHTXT_SIZE); | ||
568 | sg_init_one(&sgin, sec_key, CIFS_CPHTXT_SIZE); | ||
569 | sg_init_one(&sgout, server->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE); | ||
570 | rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE); | ||
571 | |||
572 | if (!rc) | ||
573 | memcpy(server->session_key.data.ntlmv2.key, | ||
574 | sec_key, CIFS_NTLMV2_SESSKEY_SIZE); | ||
575 | |||
576 | crypto_free_blkcipher(tfm_arc4); | ||
577 | |||
578 | return 0; | ||
579 | } | ||
580 | |||
581 | void | ||
582 | cifs_crypto_shash_release(struct TCP_Server_Info *server) | ||
583 | { | ||
584 | if (server->ntlmssp.md5) | ||
585 | crypto_free_shash(server->ntlmssp.md5); | ||
586 | |||
587 | if (server->ntlmssp.hmacmd5) | ||
588 | crypto_free_shash(server->ntlmssp.hmacmd5); | ||
589 | |||
590 | kfree(server->ntlmssp.sdeschmacmd5); | ||
591 | |||
592 | kfree(server->ntlmssp.sdescmd5); | ||
593 | } | ||
594 | |||
595 | int | ||
596 | cifs_crypto_shash_allocate(struct TCP_Server_Info *server) | ||
597 | { | 359 | { |
598 | int rc; | 360 | struct HMACMD5Context context; |
599 | unsigned int size; | 361 | /* rest of v2 struct already generated */ |
600 | 362 | memcpy(v2_session_response + 8, ses->server->cryptKey, 8); | |
601 | server->ntlmssp.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0); | 363 | hmac_md5_init_limK_to_64(ses->server->ntlmv2_hash, 16, &context); |
602 | if (!server->ntlmssp.hmacmd5 || | ||
603 | IS_ERR(server->ntlmssp.hmacmd5)) { | ||
604 | cERROR(1, "could not allocate crypto hmacmd5\n"); | ||
605 | return 1; | ||
606 | } | ||
607 | |||
608 | server->ntlmssp.md5 = crypto_alloc_shash("md5", 0, 0); | ||
609 | if (!server->ntlmssp.md5 || IS_ERR(server->ntlmssp.md5)) { | ||
610 | cERROR(1, "could not allocate crypto md5\n"); | ||
611 | rc = 1; | ||
612 | goto cifs_crypto_shash_allocate_ret1; | ||
613 | } | ||
614 | |||
615 | size = sizeof(struct shash_desc) + | ||
616 | crypto_shash_descsize(server->ntlmssp.hmacmd5); | ||
617 | server->ntlmssp.sdeschmacmd5 = kmalloc(size, GFP_KERNEL); | ||
618 | if (!server->ntlmssp.sdeschmacmd5) { | ||
619 | cERROR(1, "cifs_crypto_shash_allocate: can't alloc hmacmd5\n"); | ||
620 | rc = -ENOMEM; | ||
621 | goto cifs_crypto_shash_allocate_ret2; | ||
622 | } | ||
623 | server->ntlmssp.sdeschmacmd5->shash.tfm = server->ntlmssp.hmacmd5; | ||
624 | server->ntlmssp.sdeschmacmd5->shash.flags = 0x0; | ||
625 | 364 | ||
365 | hmac_md5_update(v2_session_response+8, | ||
366 | sizeof(struct ntlmv2_resp) - 8, &context); | ||
626 | 367 | ||
627 | size = sizeof(struct shash_desc) + | 368 | hmac_md5_final(v2_session_response, &context); |
628 | crypto_shash_descsize(server->ntlmssp.md5); | 369 | /* cifs_dump_mem("v2_sess_rsp: ", v2_session_response, 32); */ |
629 | server->ntlmssp.sdescmd5 = kmalloc(size, GFP_KERNEL); | ||
630 | if (!server->ntlmssp.sdescmd5) { | ||
631 | cERROR(1, "cifs_crypto_shash_allocate: can't alloc md5\n"); | ||
632 | rc = -ENOMEM; | ||
633 | goto cifs_crypto_shash_allocate_ret3; | ||
634 | } | ||
635 | server->ntlmssp.sdescmd5->shash.tfm = server->ntlmssp.md5; | ||
636 | server->ntlmssp.sdescmd5->shash.flags = 0x0; | ||
637 | |||
638 | return 0; | ||
639 | |||
640 | cifs_crypto_shash_allocate_ret3: | ||
641 | kfree(server->ntlmssp.sdeschmacmd5); | ||
642 | |||
643 | cifs_crypto_shash_allocate_ret2: | ||
644 | crypto_free_shash(server->ntlmssp.md5); | ||
645 | |||
646 | cifs_crypto_shash_allocate_ret1: | ||
647 | crypto_free_shash(server->ntlmssp.hmacmd5); | ||
648 | |||
649 | return rc; | ||
650 | } | 370 | } |
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index c9d0cfc086eb..0cdfb8c32ac6 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h | |||
@@ -25,9 +25,6 @@ | |||
25 | #include <linux/workqueue.h> | 25 | #include <linux/workqueue.h> |
26 | #include "cifs_fs_sb.h" | 26 | #include "cifs_fs_sb.h" |
27 | #include "cifsacl.h" | 27 | #include "cifsacl.h" |
28 | #include <crypto/internal/hash.h> | ||
29 | #include <linux/scatterlist.h> | ||
30 | |||
31 | /* | 28 | /* |
32 | * The sizes of various internal tables and strings | 29 | * The sizes of various internal tables and strings |
33 | */ | 30 | */ |
@@ -100,7 +97,7 @@ enum protocolEnum { | |||
100 | /* Netbios frames protocol not supported at this time */ | 97 | /* Netbios frames protocol not supported at this time */ |
101 | }; | 98 | }; |
102 | 99 | ||
103 | struct session_key { | 100 | struct mac_key { |
104 | unsigned int len; | 101 | unsigned int len; |
105 | union { | 102 | union { |
106 | char ntlm[CIFS_SESS_KEY_SIZE + 16]; | 103 | char ntlm[CIFS_SESS_KEY_SIZE + 16]; |
@@ -123,21 +120,6 @@ struct cifs_cred { | |||
123 | struct cifs_ace *aces; | 120 | struct cifs_ace *aces; |
124 | }; | 121 | }; |
125 | 122 | ||
126 | struct sdesc { | ||
127 | struct shash_desc shash; | ||
128 | char ctx[]; | ||
129 | }; | ||
130 | |||
131 | struct ntlmssp_auth { | ||
132 | __u32 client_flags; | ||
133 | __u32 server_flags; | ||
134 | unsigned char ciphertext[CIFS_CPHTXT_SIZE]; | ||
135 | struct crypto_shash *hmacmd5; | ||
136 | struct crypto_shash *md5; | ||
137 | struct sdesc *sdeschmacmd5; | ||
138 | struct sdesc *sdescmd5; | ||
139 | }; | ||
140 | |||
141 | /* | 123 | /* |
142 | ***************************************************************** | 124 | ***************************************************************** |
143 | * Except the CIFS PDUs themselves all the | 125 | * Except the CIFS PDUs themselves all the |
@@ -200,14 +182,11 @@ struct TCP_Server_Info { | |||
200 | /* 16th byte of RFC1001 workstation name is always null */ | 182 | /* 16th byte of RFC1001 workstation name is always null */ |
201 | char workstation_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL]; | 183 | char workstation_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL]; |
202 | __u32 sequence_number; /* needed for CIFS PDU signature */ | 184 | __u32 sequence_number; /* needed for CIFS PDU signature */ |
203 | struct session_key session_key; | 185 | struct mac_key mac_signing_key; |
204 | char ntlmv2_hash[16]; | 186 | char ntlmv2_hash[16]; |
205 | unsigned long lstrp; /* when we got last response from this server */ | 187 | unsigned long lstrp; /* when we got last response from this server */ |
206 | u16 dialect; /* dialect index that server chose */ | 188 | u16 dialect; /* dialect index that server chose */ |
207 | /* extended security flavors that server supports */ | 189 | /* extended security flavors that server supports */ |
208 | unsigned int tilen; /* length of the target info blob */ | ||
209 | unsigned char *tiblob; /* target info blob in challenge response */ | ||
210 | struct ntlmssp_auth ntlmssp; /* various keys, ciphers, flags */ | ||
211 | bool sec_kerberos; /* supports plain Kerberos */ | 190 | bool sec_kerberos; /* supports plain Kerberos */ |
212 | bool sec_mskerberos; /* supports legacy MS Kerberos */ | 191 | bool sec_mskerberos; /* supports legacy MS Kerberos */ |
213 | bool sec_kerberosu2u; /* supports U2U Kerberos */ | 192 | bool sec_kerberosu2u; /* supports U2U Kerberos */ |
diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index 320e0fd0ba7b..14d036d8db11 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h | |||
@@ -134,12 +134,6 @@ | |||
134 | * Size of the session key (crypto key encrypted with the password | 134 | * Size of the session key (crypto key encrypted with the password |
135 | */ | 135 | */ |
136 | #define CIFS_SESS_KEY_SIZE (24) | 136 | #define CIFS_SESS_KEY_SIZE (24) |
137 | #define CIFS_CLIENT_CHALLENGE_SIZE (8) | ||
138 | #define CIFS_SERVER_CHALLENGE_SIZE (8) | ||
139 | #define CIFS_HMAC_MD5_HASH_SIZE (16) | ||
140 | #define CIFS_CPHTXT_SIZE (16) | ||
141 | #define CIFS_NTLMV2_SESSKEY_SIZE (16) | ||
142 | #define CIFS_NTHASH_SIZE (16) | ||
143 | 137 | ||
144 | /* | 138 | /* |
145 | * Maximum user name length | 139 | * Maximum user name length |
@@ -669,6 +663,7 @@ struct ntlmv2_resp { | |||
669 | __le64 time; | 663 | __le64 time; |
670 | __u64 client_chal; /* random */ | 664 | __u64 client_chal; /* random */ |
671 | __u32 reserved2; | 665 | __u32 reserved2; |
666 | struct ntlmssp2_name names[2]; | ||
672 | /* array of name entries could follow ending in minimum 4 byte struct */ | 667 | /* array of name entries could follow ending in minimum 4 byte struct */ |
673 | } __attribute__((packed)); | 668 | } __attribute__((packed)); |
674 | 669 | ||
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 1378d9133844..1d60c655e3e0 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h | |||
@@ -87,8 +87,9 @@ extern unsigned int smbCalcSize_LE(struct smb_hdr *ptr); | |||
87 | extern int decode_negTokenInit(unsigned char *security_blob, int length, | 87 | extern int decode_negTokenInit(unsigned char *security_blob, int length, |
88 | struct TCP_Server_Info *server); | 88 | struct TCP_Server_Info *server); |
89 | extern int cifs_convert_address(struct sockaddr *dst, const char *src, int len); | 89 | extern int cifs_convert_address(struct sockaddr *dst, const char *src, int len); |
90 | extern int cifs_set_port(struct sockaddr *addr, const unsigned short int port); | ||
90 | extern int cifs_fill_sockaddr(struct sockaddr *dst, const char *src, int len, | 91 | extern int cifs_fill_sockaddr(struct sockaddr *dst, const char *src, int len, |
91 | unsigned short int port); | 92 | const unsigned short int port); |
92 | extern int map_smb_to_linux_error(struct smb_hdr *smb, int logErr); | 93 | extern int map_smb_to_linux_error(struct smb_hdr *smb, int logErr); |
93 | extern void header_assemble(struct smb_hdr *, char /* command */ , | 94 | extern void header_assemble(struct smb_hdr *, char /* command */ , |
94 | const struct cifsTconInfo *, int /* length of | 95 | const struct cifsTconInfo *, int /* length of |
@@ -361,15 +362,13 @@ extern int cifs_sign_smb(struct smb_hdr *, struct TCP_Server_Info *, __u32 *); | |||
361 | extern int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *, | 362 | extern int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *, |
362 | __u32 *); | 363 | __u32 *); |
363 | extern int cifs_verify_signature(struct smb_hdr *, | 364 | extern int cifs_verify_signature(struct smb_hdr *, |
364 | struct TCP_Server_Info *server, | 365 | const struct mac_key *mac_key, |
365 | __u32 expected_sequence_number); | 366 | __u32 expected_sequence_number); |
366 | extern int cifs_calculate_session_key(struct session_key *key, const char *rn, | 367 | extern int cifs_calculate_mac_key(struct mac_key *key, const char *rn, |
367 | const char *pass); | 368 | const char *pass); |
368 | extern int setup_ntlmv2_rsp(struct cifsSesInfo *, char *, | 369 | extern void CalcNTLMv2_response(const struct cifsSesInfo *, char *); |
370 | extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *, | ||
369 | const struct nls_table *); | 371 | const struct nls_table *); |
370 | extern int cifs_crypto_shash_allocate(struct TCP_Server_Info *); | ||
371 | extern void cifs_crypto_shash_release(struct TCP_Server_Info *); | ||
372 | extern int calc_seckey(struct TCP_Server_Info *); | ||
373 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 372 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
374 | extern void calc_lanman_hash(const char *password, const char *cryptkey, | 373 | extern void calc_lanman_hash(const char *password, const char *cryptkey, |
375 | bool encrypt, char *lnm_session_key); | 374 | bool encrypt, char *lnm_session_key); |
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 4bda920d1f75..c65c3419dd37 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
@@ -604,14 +604,11 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | |||
604 | else | 604 | else |
605 | rc = -EINVAL; | 605 | rc = -EINVAL; |
606 | 606 | ||
607 | if (server->secType == Kerberos) { | 607 | if (server->sec_kerberos || server->sec_mskerberos) |
608 | if (!server->sec_kerberos && | 608 | server->secType = Kerberos; |
609 | !server->sec_mskerberos) | 609 | else if (server->sec_ntlmssp) |
610 | rc = -EOPNOTSUPP; | 610 | server->secType = RawNTLMSSP; |
611 | } else if (server->secType == RawNTLMSSP) { | 611 | else |
612 | if (!server->sec_ntlmssp) | ||
613 | rc = -EOPNOTSUPP; | ||
614 | } else | ||
615 | rc = -EOPNOTSUPP; | 612 | rc = -EOPNOTSUPP; |
616 | } | 613 | } |
617 | } else | 614 | } else |
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index ec0ea4a43bdb..67dad54fbfa1 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
@@ -400,7 +400,9 @@ incomplete_rcv: | |||
400 | cFYI(1, "call to reconnect done"); | 400 | cFYI(1, "call to reconnect done"); |
401 | csocket = server->ssocket; | 401 | csocket = server->ssocket; |
402 | continue; | 402 | continue; |
403 | } else if ((length == -ERESTARTSYS) || (length == -EAGAIN)) { | 403 | } else if (length == -ERESTARTSYS || |
404 | length == -EAGAIN || | ||
405 | length == -EINTR) { | ||
404 | msleep(1); /* minimum sleep to prevent looping | 406 | msleep(1); /* minimum sleep to prevent looping |
405 | allowing socket to clear and app threads to set | 407 | allowing socket to clear and app threads to set |
406 | tcpStatus CifsNeedReconnect if server hung */ | 408 | tcpStatus CifsNeedReconnect if server hung */ |
@@ -414,18 +416,6 @@ incomplete_rcv: | |||
414 | } else | 416 | } else |
415 | continue; | 417 | continue; |
416 | } else if (length <= 0) { | 418 | } else if (length <= 0) { |
417 | if (server->tcpStatus == CifsNew) { | ||
418 | cFYI(1, "tcp session abend after SMBnegprot"); | ||
419 | /* some servers kill the TCP session rather than | ||
420 | returning an SMB negprot error, in which | ||
421 | case reconnecting here is not going to help, | ||
422 | and so simply return error to mount */ | ||
423 | break; | ||
424 | } | ||
425 | if (!try_to_freeze() && (length == -EINTR)) { | ||
426 | cFYI(1, "cifsd thread killed"); | ||
427 | break; | ||
428 | } | ||
429 | cFYI(1, "Reconnect after unexpected peek error %d", | 419 | cFYI(1, "Reconnect after unexpected peek error %d", |
430 | length); | 420 | length); |
431 | cifs_reconnect(server); | 421 | cifs_reconnect(server); |
@@ -466,27 +456,19 @@ incomplete_rcv: | |||
466 | an error on SMB negprot response */ | 456 | an error on SMB negprot response */ |
467 | cFYI(1, "Negative RFC1002 Session Response Error 0x%x)", | 457 | cFYI(1, "Negative RFC1002 Session Response Error 0x%x)", |
468 | pdu_length); | 458 | pdu_length); |
469 | if (server->tcpStatus == CifsNew) { | 459 | /* give server a second to clean up */ |
470 | /* if nack on negprot (rather than | 460 | msleep(1000); |
471 | ret of smb negprot error) reconnecting | 461 | /* always try 445 first on reconnect since we get NACK |
472 | not going to help, ret error to mount */ | 462 | * on some if we ever connected to port 139 (the NACK |
473 | break; | 463 | * is since we do not begin with RFC1001 session |
474 | } else { | 464 | * initialize frame) |
475 | /* give server a second to | 465 | */ |
476 | clean up before reconnect attempt */ | 466 | cifs_set_port((struct sockaddr *) |
477 | msleep(1000); | 467 | &server->addr.sockAddr, CIFS_PORT); |
478 | /* always try 445 first on reconnect | 468 | cifs_reconnect(server); |
479 | since we get NACK on some if we ever | 469 | csocket = server->ssocket; |
480 | connected to port 139 (the NACK is | 470 | wake_up(&server->response_q); |
481 | since we do not begin with RFC1001 | 471 | continue; |
482 | session initialize frame) */ | ||
483 | server->addr.sockAddr.sin_port = | ||
484 | htons(CIFS_PORT); | ||
485 | cifs_reconnect(server); | ||
486 | csocket = server->ssocket; | ||
487 | wake_up(&server->response_q); | ||
488 | continue; | ||
489 | } | ||
490 | } else if (temp != (char) 0) { | 472 | } else if (temp != (char) 0) { |
491 | cERROR(1, "Unknown RFC 1002 frame"); | 473 | cERROR(1, "Unknown RFC 1002 frame"); |
492 | cifs_dump_mem(" Received Data: ", (char *)smb_buffer, | 474 | cifs_dump_mem(" Received Data: ", (char *)smb_buffer, |
@@ -522,8 +504,7 @@ incomplete_rcv: | |||
522 | total_read += length) { | 504 | total_read += length) { |
523 | length = kernel_recvmsg(csocket, &smb_msg, &iov, 1, | 505 | length = kernel_recvmsg(csocket, &smb_msg, &iov, 1, |
524 | pdu_length - total_read, 0); | 506 | pdu_length - total_read, 0); |
525 | if ((server->tcpStatus == CifsExiting) || | 507 | if (server->tcpStatus == CifsExiting) { |
526 | (length == -EINTR)) { | ||
527 | /* then will exit */ | 508 | /* then will exit */ |
528 | reconnect = 2; | 509 | reconnect = 2; |
529 | break; | 510 | break; |
@@ -534,8 +515,9 @@ incomplete_rcv: | |||
534 | /* Now we will reread sock */ | 515 | /* Now we will reread sock */ |
535 | reconnect = 1; | 516 | reconnect = 1; |
536 | break; | 517 | break; |
537 | } else if ((length == -ERESTARTSYS) || | 518 | } else if (length == -ERESTARTSYS || |
538 | (length == -EAGAIN)) { | 519 | length == -EAGAIN || |
520 | length == -EINTR) { | ||
539 | msleep(1); /* minimum sleep to prevent looping, | 521 | msleep(1); /* minimum sleep to prevent looping, |
540 | allowing socket to clear and app | 522 | allowing socket to clear and app |
541 | threads to set tcpStatus | 523 | threads to set tcpStatus |
@@ -1708,7 +1690,6 @@ cifs_put_smb_ses(struct cifsSesInfo *ses) | |||
1708 | CIFSSMBLogoff(xid, ses); | 1690 | CIFSSMBLogoff(xid, ses); |
1709 | _FreeXid(xid); | 1691 | _FreeXid(xid); |
1710 | } | 1692 | } |
1711 | cifs_crypto_shash_release(server); | ||
1712 | sesInfoFree(ses); | 1693 | sesInfoFree(ses); |
1713 | cifs_put_tcp_session(server); | 1694 | cifs_put_tcp_session(server); |
1714 | } | 1695 | } |
@@ -1788,23 +1769,13 @@ cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info) | |||
1788 | ses->linux_uid = volume_info->linux_uid; | 1769 | ses->linux_uid = volume_info->linux_uid; |
1789 | ses->overrideSecFlg = volume_info->secFlg; | 1770 | ses->overrideSecFlg = volume_info->secFlg; |
1790 | 1771 | ||
1791 | rc = cifs_crypto_shash_allocate(server); | ||
1792 | if (rc) { | ||
1793 | cERROR(1, "could not setup hash structures rc %d", rc); | ||
1794 | goto get_ses_fail; | ||
1795 | } | ||
1796 | server->tilen = 0; | ||
1797 | server->tiblob = NULL; | ||
1798 | |||
1799 | mutex_lock(&ses->session_mutex); | 1772 | mutex_lock(&ses->session_mutex); |
1800 | rc = cifs_negotiate_protocol(xid, ses); | 1773 | rc = cifs_negotiate_protocol(xid, ses); |
1801 | if (!rc) | 1774 | if (!rc) |
1802 | rc = cifs_setup_session(xid, ses, volume_info->local_nls); | 1775 | rc = cifs_setup_session(xid, ses, volume_info->local_nls); |
1803 | mutex_unlock(&ses->session_mutex); | 1776 | mutex_unlock(&ses->session_mutex); |
1804 | if (rc) { | 1777 | if (rc) |
1805 | cifs_crypto_shash_release(ses->server); | ||
1806 | goto get_ses_fail; | 1778 | goto get_ses_fail; |
1807 | } | ||
1808 | 1779 | ||
1809 | /* success, put it on the list */ | 1780 | /* success, put it on the list */ |
1810 | write_lock(&cifs_tcp_ses_lock); | 1781 | write_lock(&cifs_tcp_ses_lock); |
diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index 86a164f08a74..93f77d438d3c 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c | |||
@@ -1462,29 +1462,18 @@ int cifs_rename(struct inode *source_dir, struct dentry *source_dentry, | |||
1462 | { | 1462 | { |
1463 | char *fromName = NULL; | 1463 | char *fromName = NULL; |
1464 | char *toName = NULL; | 1464 | char *toName = NULL; |
1465 | struct cifs_sb_info *cifs_sb_source; | 1465 | struct cifs_sb_info *cifs_sb; |
1466 | struct cifs_sb_info *cifs_sb_target; | ||
1467 | struct cifsTconInfo *tcon; | 1466 | struct cifsTconInfo *tcon; |
1468 | FILE_UNIX_BASIC_INFO *info_buf_source = NULL; | 1467 | FILE_UNIX_BASIC_INFO *info_buf_source = NULL; |
1469 | FILE_UNIX_BASIC_INFO *info_buf_target; | 1468 | FILE_UNIX_BASIC_INFO *info_buf_target; |
1470 | int xid, rc, tmprc; | 1469 | int xid, rc, tmprc; |
1471 | 1470 | ||
1472 | cifs_sb_target = CIFS_SB(target_dir->i_sb); | 1471 | cifs_sb = CIFS_SB(source_dir->i_sb); |
1473 | cifs_sb_source = CIFS_SB(source_dir->i_sb); | 1472 | tcon = cifs_sb->tcon; |
1474 | tcon = cifs_sb_source->tcon; | ||
1475 | 1473 | ||
1476 | xid = GetXid(); | 1474 | xid = GetXid(); |
1477 | 1475 | ||
1478 | /* | 1476 | /* |
1479 | * BB: this might be allowed if same server, but different share. | ||
1480 | * Consider adding support for this | ||
1481 | */ | ||
1482 | if (tcon != cifs_sb_target->tcon) { | ||
1483 | rc = -EXDEV; | ||
1484 | goto cifs_rename_exit; | ||
1485 | } | ||
1486 | |||
1487 | /* | ||
1488 | * we already have the rename sem so we do not need to | 1477 | * we already have the rename sem so we do not need to |
1489 | * grab it again here to protect the path integrity | 1478 | * grab it again here to protect the path integrity |
1490 | */ | 1479 | */ |
@@ -1519,17 +1508,16 @@ int cifs_rename(struct inode *source_dir, struct dentry *source_dentry, | |||
1519 | info_buf_target = info_buf_source + 1; | 1508 | info_buf_target = info_buf_source + 1; |
1520 | tmprc = CIFSSMBUnixQPathInfo(xid, tcon, fromName, | 1509 | tmprc = CIFSSMBUnixQPathInfo(xid, tcon, fromName, |
1521 | info_buf_source, | 1510 | info_buf_source, |
1522 | cifs_sb_source->local_nls, | 1511 | cifs_sb->local_nls, |
1523 | cifs_sb_source->mnt_cifs_flags & | 1512 | cifs_sb->mnt_cifs_flags & |
1524 | CIFS_MOUNT_MAP_SPECIAL_CHR); | 1513 | CIFS_MOUNT_MAP_SPECIAL_CHR); |
1525 | if (tmprc != 0) | 1514 | if (tmprc != 0) |
1526 | goto unlink_target; | 1515 | goto unlink_target; |
1527 | 1516 | ||
1528 | tmprc = CIFSSMBUnixQPathInfo(xid, tcon, | 1517 | tmprc = CIFSSMBUnixQPathInfo(xid, tcon, toName, |
1529 | toName, info_buf_target, | 1518 | info_buf_target, |
1530 | cifs_sb_target->local_nls, | 1519 | cifs_sb->local_nls, |
1531 | /* remap based on source sb */ | 1520 | cifs_sb->mnt_cifs_flags & |
1532 | cifs_sb_source->mnt_cifs_flags & | ||
1533 | CIFS_MOUNT_MAP_SPECIAL_CHR); | 1521 | CIFS_MOUNT_MAP_SPECIAL_CHR); |
1534 | 1522 | ||
1535 | if (tmprc == 0 && (info_buf_source->UniqueId == | 1523 | if (tmprc == 0 && (info_buf_source->UniqueId == |
diff --git a/fs/cifs/netmisc.c b/fs/cifs/netmisc.c index f97851119e6c..9aad47a2d62f 100644 --- a/fs/cifs/netmisc.c +++ b/fs/cifs/netmisc.c | |||
@@ -206,26 +206,30 @@ cifs_convert_address(struct sockaddr *dst, const char *src, int len) | |||
206 | } | 206 | } |
207 | 207 | ||
208 | int | 208 | int |
209 | cifs_fill_sockaddr(struct sockaddr *dst, const char *src, int len, | 209 | cifs_set_port(struct sockaddr *addr, const unsigned short int port) |
210 | const unsigned short int port) | ||
211 | { | 210 | { |
212 | if (!cifs_convert_address(dst, src, len)) | 211 | switch (addr->sa_family) { |
213 | return 0; | ||
214 | |||
215 | switch (dst->sa_family) { | ||
216 | case AF_INET: | 212 | case AF_INET: |
217 | ((struct sockaddr_in *)dst)->sin_port = htons(port); | 213 | ((struct sockaddr_in *)addr)->sin_port = htons(port); |
218 | break; | 214 | break; |
219 | case AF_INET6: | 215 | case AF_INET6: |
220 | ((struct sockaddr_in6 *)dst)->sin6_port = htons(port); | 216 | ((struct sockaddr_in6 *)addr)->sin6_port = htons(port); |
221 | break; | 217 | break; |
222 | default: | 218 | default: |
223 | return 0; | 219 | return 0; |
224 | } | 220 | } |
225 | |||
226 | return 1; | 221 | return 1; |
227 | } | 222 | } |
228 | 223 | ||
224 | int | ||
225 | cifs_fill_sockaddr(struct sockaddr *dst, const char *src, int len, | ||
226 | const unsigned short int port) | ||
227 | { | ||
228 | if (!cifs_convert_address(dst, src, len)) | ||
229 | return 0; | ||
230 | return cifs_set_port(dst, port); | ||
231 | } | ||
232 | |||
229 | /***************************************************************************** | 233 | /***************************************************************************** |
230 | convert a NT status code to a dos class/code | 234 | convert a NT status code to a dos class/code |
231 | *****************************************************************************/ | 235 | *****************************************************************************/ |
diff --git a/fs/cifs/ntlmssp.h b/fs/cifs/ntlmssp.h index 1db0f0746a5b..49c9a4e75319 100644 --- a/fs/cifs/ntlmssp.h +++ b/fs/cifs/ntlmssp.h | |||
@@ -61,19 +61,6 @@ | |||
61 | #define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000 | 61 | #define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000 |
62 | #define NTLMSSP_NEGOTIATE_56 0x80000000 | 62 | #define NTLMSSP_NEGOTIATE_56 0x80000000 |
63 | 63 | ||
64 | /* Define AV Pair Field IDs */ | ||
65 | #define NTLMSSP_AV_EOL 0 | ||
66 | #define NTLMSSP_AV_NB_COMPUTER_NAME 1 | ||
67 | #define NTLMSSP_AV_NB_DOMAIN_NAME 2 | ||
68 | #define NTLMSSP_AV_DNS_COMPUTER_NAME 3 | ||
69 | #define NTLMSSP_AV_DNS_DOMAIN_NAME 4 | ||
70 | #define NTLMSSP_AV_DNS_TREE_NAME 5 | ||
71 | #define NTLMSSP_AV_FLAGS 6 | ||
72 | #define NTLMSSP_AV_TIMESTAMP 7 | ||
73 | #define NTLMSSP_AV_RESTRICTION 8 | ||
74 | #define NTLMSSP_AV_TARGET_NAME 9 | ||
75 | #define NTLMSSP_AV_CHANNEL_BINDINGS 10 | ||
76 | |||
77 | /* Although typedefs are not commonly used for structure definitions */ | 64 | /* Although typedefs are not commonly used for structure definitions */ |
78 | /* in the Linux kernel, in this particular case they are useful */ | 65 | /* in the Linux kernel, in this particular case they are useful */ |
79 | /* to more closely match the standards document for NTLMSSP from */ | 66 | /* to more closely match the standards document for NTLMSSP from */ |
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 795095f4eac6..0a57cb7db5dd 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c | |||
@@ -383,9 +383,6 @@ static int decode_ascii_ssetup(char **pbcc_area, int bleft, | |||
383 | static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, | 383 | static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, |
384 | struct cifsSesInfo *ses) | 384 | struct cifsSesInfo *ses) |
385 | { | 385 | { |
386 | unsigned int tioffset; /* challeng message target info area */ | ||
387 | unsigned int tilen; /* challeng message target info area length */ | ||
388 | |||
389 | CHALLENGE_MESSAGE *pblob = (CHALLENGE_MESSAGE *)bcc_ptr; | 386 | CHALLENGE_MESSAGE *pblob = (CHALLENGE_MESSAGE *)bcc_ptr; |
390 | 387 | ||
391 | if (blob_len < sizeof(CHALLENGE_MESSAGE)) { | 388 | if (blob_len < sizeof(CHALLENGE_MESSAGE)) { |
@@ -408,20 +405,6 @@ static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, | |||
408 | /* BB spec says that if AvId field of MsvAvTimestamp is populated then | 405 | /* BB spec says that if AvId field of MsvAvTimestamp is populated then |
409 | we must set the MIC field of the AUTHENTICATE_MESSAGE */ | 406 | we must set the MIC field of the AUTHENTICATE_MESSAGE */ |
410 | 407 | ||
411 | ses->server->ntlmssp.server_flags = le32_to_cpu(pblob->NegotiateFlags); | ||
412 | |||
413 | tioffset = cpu_to_le16(pblob->TargetInfoArray.BufferOffset); | ||
414 | tilen = cpu_to_le16(pblob->TargetInfoArray.Length); | ||
415 | ses->server->tilen = tilen; | ||
416 | if (tilen) { | ||
417 | ses->server->tiblob = kmalloc(tilen, GFP_KERNEL); | ||
418 | if (!ses->server->tiblob) { | ||
419 | cERROR(1, "Challenge target info allocation failure"); | ||
420 | return -ENOMEM; | ||
421 | } | ||
422 | memcpy(ses->server->tiblob, bcc_ptr + tioffset, tilen); | ||
423 | } | ||
424 | |||
425 | return 0; | 408 | return 0; |
426 | } | 409 | } |
427 | 410 | ||
@@ -442,13 +425,12 @@ static void build_ntlmssp_negotiate_blob(unsigned char *pbuffer, | |||
442 | /* BB is NTLMV2 session security format easier to use here? */ | 425 | /* BB is NTLMV2 session security format easier to use here? */ |
443 | flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | | 426 | flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | |
444 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | | 427 | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | |
445 | NTLMSSP_NEGOTIATE_NTLM; | 428 | NTLMSSP_NEGOTIATE_NT_ONLY | NTLMSSP_NEGOTIATE_NTLM; |
446 | if (ses->server->secMode & | 429 | if (ses->server->secMode & |
447 | (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) { | 430 | (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) |
448 | flags |= NTLMSSP_NEGOTIATE_SIGN | | 431 | flags |= NTLMSSP_NEGOTIATE_SIGN; |
449 | NTLMSSP_NEGOTIATE_KEY_XCH | | 432 | if (ses->server->secMode & SECMODE_SIGN_REQUIRED) |
450 | NTLMSSP_NEGOTIATE_EXTENDED_SEC; | 433 | flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; |
451 | } | ||
452 | 434 | ||
453 | sec_blob->NegotiateFlags |= cpu_to_le32(flags); | 435 | sec_blob->NegotiateFlags |= cpu_to_le32(flags); |
454 | 436 | ||
@@ -469,12 +451,10 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer, | |||
469 | struct cifsSesInfo *ses, | 451 | struct cifsSesInfo *ses, |
470 | const struct nls_table *nls_cp, bool first) | 452 | const struct nls_table *nls_cp, bool first) |
471 | { | 453 | { |
472 | int rc; | ||
473 | unsigned int size; | ||
474 | AUTHENTICATE_MESSAGE *sec_blob = (AUTHENTICATE_MESSAGE *)pbuffer; | 454 | AUTHENTICATE_MESSAGE *sec_blob = (AUTHENTICATE_MESSAGE *)pbuffer; |
475 | __u32 flags; | 455 | __u32 flags; |
476 | unsigned char *tmp; | 456 | unsigned char *tmp; |
477 | struct ntlmv2_resp ntlmv2_response = {}; | 457 | char ntlm_session_key[CIFS_SESS_KEY_SIZE]; |
478 | 458 | ||
479 | memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8); | 459 | memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8); |
480 | sec_blob->MessageType = NtLmAuthenticate; | 460 | sec_blob->MessageType = NtLmAuthenticate; |
@@ -497,25 +477,19 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer, | |||
497 | sec_blob->LmChallengeResponse.Length = 0; | 477 | sec_blob->LmChallengeResponse.Length = 0; |
498 | sec_blob->LmChallengeResponse.MaximumLength = 0; | 478 | sec_blob->LmChallengeResponse.MaximumLength = 0; |
499 | 479 | ||
500 | sec_blob->NtChallengeResponse.BufferOffset = cpu_to_le32(tmp - pbuffer); | 480 | /* calculate session key, BB what about adding similar ntlmv2 path? */ |
501 | rc = setup_ntlmv2_rsp(ses, (char *)&ntlmv2_response, nls_cp); | 481 | SMBNTencrypt(ses->password, ses->server->cryptKey, ntlm_session_key); |
502 | if (rc) { | 482 | if (first) |
503 | cERROR(1, "error rc: %d during ntlmssp ntlmv2 setup", rc); | 483 | cifs_calculate_mac_key(&ses->server->mac_signing_key, |
504 | goto setup_ntlmv2_ret; | 484 | ntlm_session_key, ses->password); |
505 | } | ||
506 | size = sizeof(struct ntlmv2_resp); | ||
507 | memcpy(tmp, (char *)&ntlmv2_response, size); | ||
508 | tmp += size; | ||
509 | if (ses->server->tilen > 0) { | ||
510 | memcpy(tmp, ses->server->tiblob, ses->server->tilen); | ||
511 | tmp += ses->server->tilen; | ||
512 | } else | ||
513 | ses->server->tilen = 0; | ||
514 | 485 | ||
515 | sec_blob->NtChallengeResponse.Length = cpu_to_le16(size + | 486 | memcpy(tmp, ntlm_session_key, CIFS_SESS_KEY_SIZE); |
516 | ses->server->tilen); | 487 | sec_blob->NtChallengeResponse.BufferOffset = cpu_to_le32(tmp - pbuffer); |
488 | sec_blob->NtChallengeResponse.Length = cpu_to_le16(CIFS_SESS_KEY_SIZE); | ||
517 | sec_blob->NtChallengeResponse.MaximumLength = | 489 | sec_blob->NtChallengeResponse.MaximumLength = |
518 | cpu_to_le16(size + ses->server->tilen); | 490 | cpu_to_le16(CIFS_SESS_KEY_SIZE); |
491 | |||
492 | tmp += CIFS_SESS_KEY_SIZE; | ||
519 | 493 | ||
520 | if (ses->domainName == NULL) { | 494 | if (ses->domainName == NULL) { |
521 | sec_blob->DomainName.BufferOffset = cpu_to_le32(tmp - pbuffer); | 495 | sec_blob->DomainName.BufferOffset = cpu_to_le32(tmp - pbuffer); |
@@ -527,6 +501,7 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer, | |||
527 | len = cifs_strtoUCS((__le16 *)tmp, ses->domainName, | 501 | len = cifs_strtoUCS((__le16 *)tmp, ses->domainName, |
528 | MAX_USERNAME_SIZE, nls_cp); | 502 | MAX_USERNAME_SIZE, nls_cp); |
529 | len *= 2; /* unicode is 2 bytes each */ | 503 | len *= 2; /* unicode is 2 bytes each */ |
504 | len += 2; /* trailing null */ | ||
530 | sec_blob->DomainName.BufferOffset = cpu_to_le32(tmp - pbuffer); | 505 | sec_blob->DomainName.BufferOffset = cpu_to_le32(tmp - pbuffer); |
531 | sec_blob->DomainName.Length = cpu_to_le16(len); | 506 | sec_blob->DomainName.Length = cpu_to_le16(len); |
532 | sec_blob->DomainName.MaximumLength = cpu_to_le16(len); | 507 | sec_blob->DomainName.MaximumLength = cpu_to_le16(len); |
@@ -543,6 +518,7 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer, | |||
543 | len = cifs_strtoUCS((__le16 *)tmp, ses->userName, | 518 | len = cifs_strtoUCS((__le16 *)tmp, ses->userName, |
544 | MAX_USERNAME_SIZE, nls_cp); | 519 | MAX_USERNAME_SIZE, nls_cp); |
545 | len *= 2; /* unicode is 2 bytes each */ | 520 | len *= 2; /* unicode is 2 bytes each */ |
521 | len += 2; /* trailing null */ | ||
546 | sec_blob->UserName.BufferOffset = cpu_to_le32(tmp - pbuffer); | 522 | sec_blob->UserName.BufferOffset = cpu_to_le32(tmp - pbuffer); |
547 | sec_blob->UserName.Length = cpu_to_le16(len); | 523 | sec_blob->UserName.Length = cpu_to_le16(len); |
548 | sec_blob->UserName.MaximumLength = cpu_to_le16(len); | 524 | sec_blob->UserName.MaximumLength = cpu_to_le16(len); |
@@ -554,26 +530,9 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer, | |||
554 | sec_blob->WorkstationName.MaximumLength = 0; | 530 | sec_blob->WorkstationName.MaximumLength = 0; |
555 | tmp += 2; | 531 | tmp += 2; |
556 | 532 | ||
557 | if ((ses->server->ntlmssp.server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) && | 533 | sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer); |
558 | !calc_seckey(ses->server)) { | 534 | sec_blob->SessionKey.Length = 0; |
559 | memcpy(tmp, ses->server->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE); | 535 | sec_blob->SessionKey.MaximumLength = 0; |
560 | sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer); | ||
561 | sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE); | ||
562 | sec_blob->SessionKey.MaximumLength = | ||
563 | cpu_to_le16(CIFS_CPHTXT_SIZE); | ||
564 | tmp += CIFS_CPHTXT_SIZE; | ||
565 | } else { | ||
566 | sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer); | ||
567 | sec_blob->SessionKey.Length = 0; | ||
568 | sec_blob->SessionKey.MaximumLength = 0; | ||
569 | } | ||
570 | |||
571 | ses->server->sequence_number = 0; | ||
572 | |||
573 | setup_ntlmv2_ret: | ||
574 | if (ses->server->tilen > 0) | ||
575 | kfree(ses->server->tiblob); | ||
576 | |||
577 | return tmp - pbuffer; | 536 | return tmp - pbuffer; |
578 | } | 537 | } |
579 | 538 | ||
@@ -587,14 +546,15 @@ static void setup_ntlmssp_neg_req(SESSION_SETUP_ANDX *pSMB, | |||
587 | return; | 546 | return; |
588 | } | 547 | } |
589 | 548 | ||
590 | static int setup_ntlmssp_auth_req(char *ntlmsspblob, | 549 | static int setup_ntlmssp_auth_req(SESSION_SETUP_ANDX *pSMB, |
591 | struct cifsSesInfo *ses, | 550 | struct cifsSesInfo *ses, |
592 | const struct nls_table *nls, bool first_time) | 551 | const struct nls_table *nls, bool first_time) |
593 | { | 552 | { |
594 | int bloblen; | 553 | int bloblen; |
595 | 554 | ||
596 | bloblen = build_ntlmssp_auth_blob(ntlmsspblob, ses, nls, | 555 | bloblen = build_ntlmssp_auth_blob(&pSMB->req.SecurityBlob[0], ses, nls, |
597 | first_time); | 556 | first_time); |
557 | pSMB->req.SecurityBlobLength = cpu_to_le16(bloblen); | ||
598 | 558 | ||
599 | return bloblen; | 559 | return bloblen; |
600 | } | 560 | } |
@@ -730,7 +690,7 @@ ssetup_ntlmssp_authenticate: | |||
730 | 690 | ||
731 | if (first_time) /* should this be moved into common code | 691 | if (first_time) /* should this be moved into common code |
732 | with similar ntlmv2 path? */ | 692 | with similar ntlmv2 path? */ |
733 | cifs_calculate_session_key(&ses->server->session_key, | 693 | cifs_calculate_mac_key(&ses->server->mac_signing_key, |
734 | ntlm_session_key, ses->password); | 694 | ntlm_session_key, ses->password); |
735 | /* copy session key */ | 695 | /* copy session key */ |
736 | 696 | ||
@@ -769,21 +729,12 @@ ssetup_ntlmssp_authenticate: | |||
769 | cpu_to_le16(sizeof(struct ntlmv2_resp)); | 729 | cpu_to_le16(sizeof(struct ntlmv2_resp)); |
770 | 730 | ||
771 | /* calculate session key */ | 731 | /* calculate session key */ |
772 | rc = setup_ntlmv2_rsp(ses, v2_sess_key, nls_cp); | 732 | setup_ntlmv2_rsp(ses, v2_sess_key, nls_cp); |
773 | if (rc) { | ||
774 | kfree(v2_sess_key); | ||
775 | goto ssetup_exit; | ||
776 | } | ||
777 | /* FIXME: calculate MAC key */ | 733 | /* FIXME: calculate MAC key */ |
778 | memcpy(bcc_ptr, (char *)v2_sess_key, | 734 | memcpy(bcc_ptr, (char *)v2_sess_key, |
779 | sizeof(struct ntlmv2_resp)); | 735 | sizeof(struct ntlmv2_resp)); |
780 | bcc_ptr += sizeof(struct ntlmv2_resp); | 736 | bcc_ptr += sizeof(struct ntlmv2_resp); |
781 | kfree(v2_sess_key); | 737 | kfree(v2_sess_key); |
782 | if (ses->server->tilen > 0) { | ||
783 | memcpy(bcc_ptr, ses->server->tiblob, | ||
784 | ses->server->tilen); | ||
785 | bcc_ptr += ses->server->tilen; | ||
786 | } | ||
787 | if (ses->capabilities & CAP_UNICODE) { | 738 | if (ses->capabilities & CAP_UNICODE) { |
788 | if (iov[0].iov_len % 2) { | 739 | if (iov[0].iov_len % 2) { |
789 | *bcc_ptr = 0; | 740 | *bcc_ptr = 0; |
@@ -814,15 +765,15 @@ ssetup_ntlmssp_authenticate: | |||
814 | } | 765 | } |
815 | /* bail out if key is too long */ | 766 | /* bail out if key is too long */ |
816 | if (msg->sesskey_len > | 767 | if (msg->sesskey_len > |
817 | sizeof(ses->server->session_key.data.krb5)) { | 768 | sizeof(ses->server->mac_signing_key.data.krb5)) { |
818 | cERROR(1, "Kerberos signing key too long (%u bytes)", | 769 | cERROR(1, "Kerberos signing key too long (%u bytes)", |
819 | msg->sesskey_len); | 770 | msg->sesskey_len); |
820 | rc = -EOVERFLOW; | 771 | rc = -EOVERFLOW; |
821 | goto ssetup_exit; | 772 | goto ssetup_exit; |
822 | } | 773 | } |
823 | if (first_time) { | 774 | if (first_time) { |
824 | ses->server->session_key.len = msg->sesskey_len; | 775 | ses->server->mac_signing_key.len = msg->sesskey_len; |
825 | memcpy(ses->server->session_key.data.krb5, | 776 | memcpy(ses->server->mac_signing_key.data.krb5, |
826 | msg->data, msg->sesskey_len); | 777 | msg->data, msg->sesskey_len); |
827 | } | 778 | } |
828 | pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC; | 779 | pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC; |
@@ -864,28 +815,12 @@ ssetup_ntlmssp_authenticate: | |||
864 | if (phase == NtLmNegotiate) { | 815 | if (phase == NtLmNegotiate) { |
865 | setup_ntlmssp_neg_req(pSMB, ses); | 816 | setup_ntlmssp_neg_req(pSMB, ses); |
866 | iov[1].iov_len = sizeof(NEGOTIATE_MESSAGE); | 817 | iov[1].iov_len = sizeof(NEGOTIATE_MESSAGE); |
867 | iov[1].iov_base = &pSMB->req.SecurityBlob[0]; | ||
868 | } else if (phase == NtLmAuthenticate) { | 818 | } else if (phase == NtLmAuthenticate) { |
869 | int blob_len; | 819 | int blob_len; |
870 | char *ntlmsspblob; | 820 | blob_len = setup_ntlmssp_auth_req(pSMB, ses, |
871 | 821 | nls_cp, | |
872 | ntlmsspblob = kmalloc(5 * | 822 | first_time); |
873 | sizeof(struct _AUTHENTICATE_MESSAGE), | ||
874 | GFP_KERNEL); | ||
875 | if (!ntlmsspblob) { | ||
876 | cERROR(1, "Can't allocate NTLMSSP"); | ||
877 | rc = -ENOMEM; | ||
878 | goto ssetup_exit; | ||
879 | } | ||
880 | |||
881 | blob_len = setup_ntlmssp_auth_req(ntlmsspblob, | ||
882 | ses, | ||
883 | nls_cp, | ||
884 | first_time); | ||
885 | iov[1].iov_len = blob_len; | 823 | iov[1].iov_len = blob_len; |
886 | iov[1].iov_base = ntlmsspblob; | ||
887 | pSMB->req.SecurityBlobLength = | ||
888 | cpu_to_le16(blob_len); | ||
889 | /* Make sure that we tell the server that we | 824 | /* Make sure that we tell the server that we |
890 | are using the uid that it just gave us back | 825 | are using the uid that it just gave us back |
891 | on the response (challenge) */ | 826 | on the response (challenge) */ |
@@ -895,6 +830,7 @@ ssetup_ntlmssp_authenticate: | |||
895 | rc = -ENOSYS; | 830 | rc = -ENOSYS; |
896 | goto ssetup_exit; | 831 | goto ssetup_exit; |
897 | } | 832 | } |
833 | iov[1].iov_base = &pSMB->req.SecurityBlob[0]; | ||
898 | /* unicode strings must be word aligned */ | 834 | /* unicode strings must be word aligned */ |
899 | if ((iov[0].iov_len + iov[1].iov_len) % 2) { | 835 | if ((iov[0].iov_len + iov[1].iov_len) % 2) { |
900 | *bcc_ptr = 0; | 836 | *bcc_ptr = 0; |
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c index e0588cdf4cc5..82f78c4d6978 100644 --- a/fs/cifs/transport.c +++ b/fs/cifs/transport.c | |||
@@ -543,7 +543,7 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses, | |||
543 | (ses->server->secMode & (SECMODE_SIGN_REQUIRED | | 543 | (ses->server->secMode & (SECMODE_SIGN_REQUIRED | |
544 | SECMODE_SIGN_ENABLED))) { | 544 | SECMODE_SIGN_ENABLED))) { |
545 | rc = cifs_verify_signature(midQ->resp_buf, | 545 | rc = cifs_verify_signature(midQ->resp_buf, |
546 | ses->server, | 546 | &ses->server->mac_signing_key, |
547 | midQ->sequence_number+1); | 547 | midQ->sequence_number+1); |
548 | if (rc) { | 548 | if (rc) { |
549 | cERROR(1, "Unexpected SMB signature"); | 549 | cERROR(1, "Unexpected SMB signature"); |
@@ -731,7 +731,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses, | |||
731 | (ses->server->secMode & (SECMODE_SIGN_REQUIRED | | 731 | (ses->server->secMode & (SECMODE_SIGN_REQUIRED | |
732 | SECMODE_SIGN_ENABLED))) { | 732 | SECMODE_SIGN_ENABLED))) { |
733 | rc = cifs_verify_signature(out_buf, | 733 | rc = cifs_verify_signature(out_buf, |
734 | ses->server, | 734 | &ses->server->mac_signing_key, |
735 | midQ->sequence_number+1); | 735 | midQ->sequence_number+1); |
736 | if (rc) { | 736 | if (rc) { |
737 | cERROR(1, "Unexpected SMB signature"); | 737 | cERROR(1, "Unexpected SMB signature"); |
@@ -981,7 +981,7 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon, | |||
981 | (ses->server->secMode & (SECMODE_SIGN_REQUIRED | | 981 | (ses->server->secMode & (SECMODE_SIGN_REQUIRED | |
982 | SECMODE_SIGN_ENABLED))) { | 982 | SECMODE_SIGN_ENABLED))) { |
983 | rc = cifs_verify_signature(out_buf, | 983 | rc = cifs_verify_signature(out_buf, |
984 | ses->server, | 984 | &ses->server->mac_signing_key, |
985 | midQ->sequence_number+1); | 985 | midQ->sequence_number+1); |
986 | if (rc) { | 986 | if (rc) { |
987 | cERROR(1, "Unexpected SMB signature"); | 987 | cERROR(1, "Unexpected SMB signature"); |