diff options
author | Steve French <sfrench@us.ibm.com> | 2006-02-09 16:12:47 -0500 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2006-02-09 16:12:47 -0500 |
commit | 12b3b8ffb5fd591df41f658d6068b76f7a58e710 (patch) | |
tree | 7034f4aed6f90d00cd24d8548c6df229aae2d22c | |
parent | e3f749c4af69c4344d89f11e2293e3790eb4eaca (diff) |
[CIFS] Cleanup NTLMSSP session setup handling
Fix to hash NTLMv2 properly will follow.
Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r-- | fs/cifs/CHANGES | 6 | ||||
-rw-r--r-- | fs/cifs/cifsencrypt.c | 5 | ||||
-rw-r--r-- | fs/cifs/cifsfs.h | 2 | ||||
-rw-r--r-- | fs/cifs/cifsproto.h | 2 | ||||
-rw-r--r-- | fs/cifs/cifssmb.c | 27 | ||||
-rw-r--r-- | fs/cifs/connect.c | 42 | ||||
-rw-r--r-- | fs/cifs/ntlmssp.h | 2 |
7 files changed, 53 insertions, 33 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index d335015473a5..a9cf779cf35e 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES | |||
@@ -1,3 +1,9 @@ | |||
1 | Version 1.41 | ||
2 | ------------ | ||
3 | Fix NTLMv2 security (can be enabled in /proc/fs/cifs) so customers can | ||
4 | configure stronger authentication. Fix sfu symlinks so they can | ||
5 | be followed (not just recognized). | ||
6 | |||
1 | Version 1.40 | 7 | Version 1.40 |
2 | ------------ | 8 | ------------ |
3 | Use fsuid (fsgid) more consistently instead of uid (gid). Improve performance | 9 | Use fsuid (fsgid) more consistently instead of uid (gid). Improve performance |
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index a2c24858d40f..41d08d9fef79 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c | |||
@@ -1,7 +1,7 @@ | |||
1 | /* | 1 | /* |
2 | * fs/cifs/cifsencrypt.c | 2 | * fs/cifs/cifsencrypt.c |
3 | * | 3 | * |
4 | * Copyright (C) International Business Machines Corp., 2005 | 4 | * Copyright (C) International Business Machines Corp., 2005,2006 |
5 | * Author(s): Steve French (sfrench@us.ibm.com) | 5 | * Author(s): Steve French (sfrench@us.ibm.com) |
6 | * | 6 | * |
7 | * This library is free software; you can redistribute it and/or modify | 7 | * This library is free software; you can redistribute it and/or modify |
@@ -36,7 +36,8 @@ | |||
36 | extern void mdfour(unsigned char *out, unsigned char *in, int n); | 36 | extern void mdfour(unsigned char *out, unsigned char *in, int n); |
37 | extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); | 37 | extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); |
38 | 38 | ||
39 | static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, const char * key, char * signature) | 39 | static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, |
40 | const char * key, char * signature) | ||
40 | { | 41 | { |
41 | struct MD5Context context; | 42 | struct MD5Context context; |
42 | 43 | ||
diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index 821a8eb22559..4cf10f23cda9 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h | |||
@@ -99,5 +99,5 @@ extern ssize_t cifs_getxattr(struct dentry *, const char *, void *, size_t); | |||
99 | extern ssize_t cifs_listxattr(struct dentry *, char *, size_t); | 99 | extern ssize_t cifs_listxattr(struct dentry *, char *, size_t); |
100 | extern int cifs_ioctl (struct inode * inode, struct file * filep, | 100 | extern int cifs_ioctl (struct inode * inode, struct file * filep, |
101 | unsigned int command, unsigned long arg); | 101 | unsigned int command, unsigned long arg); |
102 | #define CIFS_VERSION "1.40" | 102 | #define CIFS_VERSION "1.41" |
103 | #endif /* _CIFSFS_H */ | 103 | #endif /* _CIFSFS_H */ |
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 3c03aadaff0c..6c00acc29cd9 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h | |||
@@ -64,6 +64,8 @@ extern int map_smb_to_linux_error(struct smb_hdr *smb); | |||
64 | extern void header_assemble(struct smb_hdr *, char /* command */ , | 64 | extern void header_assemble(struct smb_hdr *, char /* command */ , |
65 | const struct cifsTconInfo *, int /* length of | 65 | const struct cifsTconInfo *, int /* length of |
66 | fixed section (word count) in two byte units */); | 66 | fixed section (word count) in two byte units */); |
67 | extern int small_smb_init_no_tc(int smb_cmd, int wct, struct cifsSesInfo *ses, | ||
68 | void ** request_buf); | ||
67 | extern __u16 GetNextMid(struct TCP_Server_Info *server); | 69 | extern __u16 GetNextMid(struct TCP_Server_Info *server); |
68 | extern struct oplock_q_entry * AllocOplockQEntry(struct inode *, u16, | 70 | extern struct oplock_q_entry * AllocOplockQEntry(struct inode *, u16, |
69 | struct cifsTconInfo *); | 71 | struct cifsTconInfo *); |
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 217323b0c896..d69b835c12ec 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
@@ -1,7 +1,7 @@ | |||
1 | /* | 1 | /* |
2 | * fs/cifs/cifssmb.c | 2 | * fs/cifs/cifssmb.c |
3 | * | 3 | * |
4 | * Copyright (C) International Business Machines Corp., 2002,2005 | 4 | * Copyright (C) International Business Machines Corp., 2002,2006 |
5 | * Author(s): Steve French (sfrench@us.ibm.com) | 5 | * Author(s): Steve French (sfrench@us.ibm.com) |
6 | * | 6 | * |
7 | * Contains the routines for constructing the SMB PDUs themselves | 7 | * Contains the routines for constructing the SMB PDUs themselves |
@@ -187,6 +187,31 @@ small_smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, | |||
187 | 187 | ||
188 | return rc; | 188 | return rc; |
189 | } | 189 | } |
190 | int | ||
191 | small_smb_init_no_tcon(int smb_command, int wct, struct cifsSesInfo *ses, | ||
192 | void **request_buf) | ||
193 | { | ||
194 | int rc; | ||
195 | struct smb_hdr * buffer; | ||
196 | |||
197 | rc = small_smb_init(smb_command, wct, 0, request_buf); | ||
198 | if(rc) | ||
199 | return rc; | ||
200 | |||
201 | buffer->Mid = GetNextMid(ses->server); | ||
202 | if (ses->capabilities & CAP_UNICODE) | ||
203 | buffer->Flags2 |= SMBFLG2_UNICODE; | ||
204 | if (ses->capabilities & CAP_STATUS32) { | ||
205 | buffer->Flags2 |= SMBFLG2_ERR_STATUS; | ||
206 | |||
207 | /* uid, tid can stay at zero as set in header assemble */ | ||
208 | |||
209 | /* BB add support for turning on the signing when | ||
210 | this function is used after 1st of session setup requests */ | ||
211 | |||
212 | return rc; | ||
213 | } | ||
214 | |||
190 | 215 | ||
191 | /* If the return code is zero, this function must fill in request_buf pointer */ | 216 | /* If the return code is zero, this function must fill in request_buf pointer */ |
192 | static int | 217 | static int |
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index e488603fb1e7..05aa651ea3da 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
@@ -2525,7 +2525,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, | |||
2525 | __u32 negotiate_flags, capabilities; | 2525 | __u32 negotiate_flags, capabilities; |
2526 | __u16 count; | 2526 | __u16 count; |
2527 | 2527 | ||
2528 | cFYI(1, ("In NTLMSSP sesssetup (negotiate) ")); | 2528 | cFYI(1, ("In NTLMSSP sesssetup (negotiate)")); |
2529 | if(ses == NULL) | 2529 | if(ses == NULL) |
2530 | return -EINVAL; | 2530 | return -EINVAL; |
2531 | domain = ses->domainName; | 2531 | domain = ses->domainName; |
@@ -2575,7 +2575,8 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, | |||
2575 | SecurityBlob->MessageType = NtLmNegotiate; | 2575 | SecurityBlob->MessageType = NtLmNegotiate; |
2576 | negotiate_flags = | 2576 | negotiate_flags = |
2577 | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM | | 2577 | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM | |
2578 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_NTLM | 0x80000000 | | 2578 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_NTLM | |
2579 | NTLMSSP_NEGOTIATE_56 | | ||
2579 | /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN | */ NTLMSSP_NEGOTIATE_128; | 2580 | /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN | */ NTLMSSP_NEGOTIATE_128; |
2580 | if(sign_CIFS_PDUs) | 2581 | if(sign_CIFS_PDUs) |
2581 | negotiate_flags |= NTLMSSP_NEGOTIATE_SIGN; | 2582 | negotiate_flags |= NTLMSSP_NEGOTIATE_SIGN; |
@@ -2588,26 +2589,11 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, | |||
2588 | SecurityBlob->WorkstationName.Length = 0; | 2589 | SecurityBlob->WorkstationName.Length = 0; |
2589 | SecurityBlob->WorkstationName.MaximumLength = 0; | 2590 | SecurityBlob->WorkstationName.MaximumLength = 0; |
2590 | 2591 | ||
2591 | if (domain == NULL) { | 2592 | /* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent |
2592 | SecurityBlob->DomainName.Buffer = 0; | 2593 | along with username on auth request (ie the response to challenge) */ |
2593 | SecurityBlob->DomainName.Length = 0; | 2594 | SecurityBlob->DomainName.Buffer = 0; |
2594 | SecurityBlob->DomainName.MaximumLength = 0; | 2595 | SecurityBlob->DomainName.Length = 0; |
2595 | } else { | 2596 | SecurityBlob->DomainName.MaximumLength = 0; |
2596 | __u16 len; | ||
2597 | negotiate_flags |= NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED; | ||
2598 | strncpy(bcc_ptr, domain, 63); | ||
2599 | len = strnlen(domain, 64); | ||
2600 | SecurityBlob->DomainName.MaximumLength = | ||
2601 | cpu_to_le16(len); | ||
2602 | SecurityBlob->DomainName.Buffer = | ||
2603 | cpu_to_le32((long) &SecurityBlob-> | ||
2604 | DomainString - | ||
2605 | (long) &SecurityBlob->Signature); | ||
2606 | bcc_ptr += len; | ||
2607 | SecurityBlobLength += len; | ||
2608 | SecurityBlob->DomainName.Length = | ||
2609 | cpu_to_le16(len); | ||
2610 | } | ||
2611 | if (ses->capabilities & CAP_UNICODE) { | 2597 | if (ses->capabilities & CAP_UNICODE) { |
2612 | if ((long) bcc_ptr % 2) { | 2598 | if ((long) bcc_ptr % 2) { |
2613 | *bcc_ptr = 0; | 2599 | *bcc_ptr = 0; |
@@ -2677,7 +2663,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, | |||
2677 | SecurityBlob2->MessageType)); | 2663 | SecurityBlob2->MessageType)); |
2678 | } else if (ses) { | 2664 | } else if (ses) { |
2679 | ses->Suid = smb_buffer_response->Uid; /* UID left in le format */ | 2665 | ses->Suid = smb_buffer_response->Uid; /* UID left in le format */ |
2680 | cFYI(1, ("UID = %d ", ses->Suid)); | 2666 | cFYI(1, ("UID = %d", ses->Suid)); |
2681 | if ((pSMBr->resp.hdr.WordCount == 3) | 2667 | if ((pSMBr->resp.hdr.WordCount == 3) |
2682 | || ((pSMBr->resp.hdr.WordCount == 4) | 2668 | || ((pSMBr->resp.hdr.WordCount == 4) |
2683 | && (blob_len < | 2669 | && (blob_len < |
@@ -2685,17 +2671,17 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, | |||
2685 | 2671 | ||
2686 | if (pSMBr->resp.hdr.WordCount == 4) { | 2672 | if (pSMBr->resp.hdr.WordCount == 4) { |
2687 | bcc_ptr += blob_len; | 2673 | bcc_ptr += blob_len; |
2688 | cFYI(1, | 2674 | cFYI(1, ("Security Blob Length %d", |
2689 | ("Security Blob Length %d ", | ||
2690 | blob_len)); | 2675 | blob_len)); |
2691 | } | 2676 | } |
2692 | 2677 | ||
2693 | cFYI(1, ("NTLMSSP Challenge rcvd ")); | 2678 | cFYI(1, ("NTLMSSP Challenge rcvd")); |
2694 | 2679 | ||
2695 | memcpy(ses->server->cryptKey, | 2680 | memcpy(ses->server->cryptKey, |
2696 | SecurityBlob2->Challenge, | 2681 | SecurityBlob2->Challenge, |
2697 | CIFS_CRYPTO_KEY_SIZE); | 2682 | CIFS_CRYPTO_KEY_SIZE); |
2698 | if(SecurityBlob2->NegotiateFlags & cpu_to_le32(NTLMSSP_NEGOTIATE_NTLMV2)) | 2683 | if(SecurityBlob2->NegotiateFlags & |
2684 | cpu_to_le32(NTLMSSP_NEGOTIATE_NTLMV2)) | ||
2699 | *pNTLMv2_flag = TRUE; | 2685 | *pNTLMv2_flag = TRUE; |
2700 | 2686 | ||
2701 | if((SecurityBlob2->NegotiateFlags & | 2687 | if((SecurityBlob2->NegotiateFlags & |
@@ -2818,7 +2804,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, | |||
2818 | bcc_ptr++; | 2804 | bcc_ptr++; |
2819 | } else | 2805 | } else |
2820 | cFYI(1, | 2806 | cFYI(1, |
2821 | ("Variable field of length %d extends beyond end of smb ", | 2807 | ("Variable field of length %d extends beyond end of smb", |
2822 | len)); | 2808 | len)); |
2823 | } | 2809 | } |
2824 | } else { | 2810 | } else { |
diff --git a/fs/cifs/ntlmssp.h b/fs/cifs/ntlmssp.h index 803389b64a2c..d39b712a11c5 100644 --- a/fs/cifs/ntlmssp.h +++ b/fs/cifs/ntlmssp.h | |||
@@ -1,7 +1,7 @@ | |||
1 | /* | 1 | /* |
2 | * fs/cifs/ntlmssp.h | 2 | * fs/cifs/ntlmssp.h |
3 | * | 3 | * |
4 | * Copyright (c) International Business Machines Corp., 2002 | 4 | * Copyright (c) International Business Machines Corp., 2002,2006 |
5 | * Author(s): Steve French (sfrench@us.ibm.com) | 5 | * Author(s): Steve French (sfrench@us.ibm.com) |
6 | * | 6 | * |
7 | * This library is free software; you can redistribute it and/or modify | 7 | * This library is free software; you can redistribute it and/or modify |