Linux-2.6.12-rc2v2.6.12-rc2

Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!
author: Linus Torvalds <torvalds@ppc970.osdl.org> 2005-04-16 18:20:36 -0400
committer: Linus Torvalds <torvalds@ppc970.osdl.org> 2005-04-16 18:20:36 -0400
commit: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (patch)
tree: 0bba044c4ce775e45a88a51686b5d9f90697ea9d /fs/cifs/asn1.c
1 files changed, 618 insertions, 0 deletions
diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c
new file mode 100644
index 000000000000..e02010dd73ec
--- /dev/null
+++ b/fs/cifs/asn1.c
@@ -0,0 +1,618 @@
+/* 
+ * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
+ * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
+ *      
+ * Copyright (c) 2000 RP Internet (www.rpi.net.au).
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA
+ */
+#include <linux/config.h>
+#include <linux/module.h>
+#include <linux/types.h>
+#include <linux/kernel.h>
+#include <linux/mm.h>
+#include <linux/slab.h>
+#include "cifspdu.h"
+#include "cifsglob.h"
+#include "cifs_debug.h"
+#include "cifsproto.h"
+/*****************************************************************************
+ *
+ * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
+ *
+ *****************************************************************************/
+/* Class */
+#define ASN1_UNI        0       /* Universal */
+#define ASN1_APL        1       /* Application */
+#define ASN1_CTX        2       /* Context */
+#define ASN1_PRV        3       /* Private */
+/* Tag */
+#define ASN1_EOC        0       /* End Of Contents or N/A */
+#define ASN1_BOL        1       /* Boolean */
+#define ASN1_INT        2       /* Integer */
+#define ASN1_BTS        3       /* Bit String */
+#define ASN1_OTS        4       /* Octet String */
+#define ASN1_NUL        5       /* Null */
+#define ASN1_OJI        6       /* Object Identifier  */
+#define ASN1_OJD        7       /* Object Description */
+#define ASN1_EXT        8       /* External */
+#define ASN1_SEQ        16      /* Sequence */
+#define ASN1_SET        17      /* Set */
+#define ASN1_NUMSTR     18      /* Numerical String */
+#define ASN1_PRNSTR     19      /* Printable String */
+#define ASN1_TEXSTR     20      /* Teletext String */
+#define ASN1_VIDSTR     21      /* Video String */
+#define ASN1_IA5STR     22      /* IA5 String */
+#define ASN1_UNITIM     23      /* Universal Time */
+#define ASN1_GENTIM     24      /* General Time */
+#define ASN1_GRASTR     25      /* Graphical String */
+#define ASN1_VISSTR     26      /* Visible String */
+#define ASN1_GENSTR     27      /* General String */
+/* Primitive / Constructed methods*/
+#define ASN1_PRI        0       /* Primitive */
+#define ASN1_CON        1       /* Constructed */
+/*
+ * Error codes.
+ */
+#define ASN1_ERR_NOERROR                0
+#define ASN1_ERR_DEC_EMPTY              2
+#define ASN1_ERR_DEC_EOC_MISMATCH       3
+#define ASN1_ERR_DEC_LENGTH_MISMATCH    4
+#define ASN1_ERR_DEC_BADVALUE           5
+#define SPNEGO_OID_LEN 7
+#define NTLMSSP_OID_LEN  10
+static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
+static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
+/* 
+ * ASN.1 context.
+ */
+struct asn1_ctx {
+        int error;              /* Error condition */
+        unsigned char *pointer; /* Octet just to be decoded */
+        unsigned char *begin;   /* First octet */
+        unsigned char *end;     /* Octet after last octet */
+};
+/*
+ * Octet string (not null terminated)
+ */
+struct asn1_octstr {
+        unsigned char *data;
+        unsigned int len;
+};
+static void
+asn1_open(struct asn1_ctx *ctx, unsigned char *buf, unsigned int len)
+{
+        ctx->begin = buf;
+        ctx->end = buf + len;
+        ctx->pointer = buf;
+        ctx->error = ASN1_ERR_NOERROR;
+}
+static unsigned char
+asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch)
+{
+        if (ctx->pointer >= ctx->end) {
+                ctx->error = ASN1_ERR_DEC_EMPTY;
+                return 0;
+        }
+        *ch = *(ctx->pointer)++;
+        return 1;
+}
+static unsigned char
+asn1_tag_decode(struct asn1_ctx *ctx, unsigned int *tag)
+{
+        unsigned char ch;
+        *tag = 0;
+        do {
+                if (!asn1_octet_decode(ctx, &ch))
+                        return 0;
+                *tag <<= 7;
+                *tag |= ch & 0x7F;
+        } while ((ch & 0x80) == 0x80);
+        return 1;
+}
+static unsigned char
+asn1_id_decode(struct asn1_ctx *ctx,
+               unsigned int *cls, unsigned int *con, unsigned int *tag)
+{
+        unsigned char ch;
+        if (!asn1_octet_decode(ctx, &ch))
+                return 0;
+        *cls = (ch & 0xC0) >> 6;
+        *con = (ch & 0x20) >> 5;
+        *tag = (ch & 0x1F);
+        if (*tag == 0x1F) {
+                if (!asn1_tag_decode(ctx, tag))
+                        return 0;
+        }
+        return 1;
+}
+static unsigned char
+asn1_length_decode(struct asn1_ctx *ctx, unsigned int *def, unsigned int *len)
+{
+        unsigned char ch, cnt;
+        if (!asn1_octet_decode(ctx, &ch))
+                return 0;
+        if (ch == 0x80)
+                *def = 0;
+        else {
+                *def = 1;
+                if (ch < 0x80)
+                        *len = ch;
+                else {
+                        cnt = (unsigned char) (ch & 0x7F);
+                        *len = 0;
+                        while (cnt > 0) {
+                                if (!asn1_octet_decode(ctx, &ch))
+                                        return 0;
+                                *len <<= 8;
+                                *len |= ch;
+                                cnt--;
+                        }
+                }
+        }
+        return 1;
+}
+static unsigned char
+asn1_header_decode(struct asn1_ctx *ctx,
+                   unsigned char **eoc,
+                   unsigned int *cls, unsigned int *con, unsigned int *tag)
+{
+        unsigned int def, len;
+        if (!asn1_id_decode(ctx, cls, con, tag))
+                return 0;
+        if (!asn1_length_decode(ctx, &def, &len))
+                return 0;
+        if (def)
+                *eoc = ctx->pointer + len;
+        else
+                *eoc = NULL;
+        return 1;
+}
+static unsigned char
+asn1_eoc_decode(struct asn1_ctx *ctx, unsigned char *eoc)
+{
+        unsigned char ch;
+        if (eoc == NULL) {
+                if (!asn1_octet_decode(ctx, &ch))
+                        return 0;
+                if (ch != 0x00) {
+                        ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
+                        return 0;
+                }
+                if (!asn1_octet_decode(ctx, &ch))
+                        return 0;
+                if (ch != 0x00) {
+                        ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
+                        return 0;
+                }
+                return 1;
+        } else {
+                if (ctx->pointer != eoc) {
+                        ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
+                        return 0;
+                }
+                return 1;
+        }
+}
+/* static unsigned char asn1_null_decode(struct asn1_ctx *ctx,
+                                      unsigned char *eoc)
+{
+        ctx->pointer = eoc;
+        return 1;
+}
+static unsigned char asn1_long_decode(struct asn1_ctx *ctx,
+                                      unsigned char *eoc, long *integer)
+{
+        unsigned char ch;
+        unsigned int len;
+        if (!asn1_octet_decode(ctx, &ch))
+                return 0;
+        *integer = (signed char) ch;
+        len = 1;
+        while (ctx->pointer < eoc) {
+                if (++len > sizeof(long)) {
+                        ctx->error = ASN1_ERR_DEC_BADVALUE;
+                        return 0;
+                }
+                if (!asn1_octet_decode(ctx, &ch))
+                        return 0;
+                *integer <<= 8;
+                *integer |= ch;
+        }
+        return 1;
+}
+static unsigned char asn1_uint_decode(struct asn1_ctx *ctx,
+                                      unsigned char *eoc,
+                                      unsigned int *integer)
+{
+        unsigned char ch;
+        unsigned int len;
+        if (!asn1_octet_decode(ctx, &ch))
+                return 0;
+        *integer = ch;
+        if (ch == 0)
+                len = 0;
+        else
+                len = 1;
+        while (ctx->pointer < eoc) {
+                if (++len > sizeof(unsigned int)) {
+                        ctx->error = ASN1_ERR_DEC_BADVALUE;
+                        return 0;
+                }
+                if (!asn1_octet_decode(ctx, &ch))
+                        return 0;
+                *integer <<= 8;
+                *integer |= ch;
+        }
+        return 1;
+}
+static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx,
+                                       unsigned char *eoc,
+                                       unsigned long *integer)
+{
+        unsigned char ch;
+        unsigned int len;
+        if (!asn1_octet_decode(ctx, &ch))
+                return 0;
+        *integer = ch;
+        if (ch == 0)
+                len = 0;
+        else
+                len = 1;
+        while (ctx->pointer < eoc) {
+                if (++len > sizeof(unsigned long)) {
+                        ctx->error = ASN1_ERR_DEC_BADVALUE;
+                        return 0;
+                }
+                if (!asn1_octet_decode(ctx, &ch))
+                        return 0;
+                *integer <<= 8;
+                *integer |= ch;
+        }
+        return 1;
+} 
+static unsigned char
+asn1_octets_decode(struct asn1_ctx *ctx,
+                   unsigned char *eoc,
+                   unsigned char **octets, unsigned int *len)
+{
+        unsigned char *ptr;
+        *len = 0;
+        *octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC);
+        if (*octets == NULL) {
+                return 0;
+        }
+        ptr = *octets;
+        while (ctx->pointer < eoc) {
+                if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) {
+                        kfree(*octets);
+                        *octets = NULL;
+                        return 0;
+                }
+                (*len)++;
+        }
+        return 1;
+} */
+static unsigned char
+asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid)
+{
+        unsigned char ch;
+        *subid = 0;
+        do {
+                if (!asn1_octet_decode(ctx, &ch))
+                        return 0;
+                *subid <<= 7;
+                *subid |= ch & 0x7F;
+        } while ((ch & 0x80) == 0x80);
+        return 1;
+}
+static int 
+asn1_oid_decode(struct asn1_ctx *ctx,
+                unsigned char *eoc, unsigned long **oid, unsigned int *len)
+{
+        unsigned long subid;
+        unsigned int size;
+        unsigned long *optr;
+        size = eoc - ctx->pointer + 1;
+        *oid = kmalloc(size * sizeof (unsigned long), GFP_ATOMIC);
+        if (*oid == NULL) {
+                return 0;
+        }
+        optr = *oid;
+        if (!asn1_subid_decode(ctx, &subid)) {
+                kfree(*oid);
+                *oid = NULL;
+                return 0;
+        }
+        if (subid < 40) {
+                optr[0] = 0;
+                optr[1] = subid;
+        } else if (subid < 80) {
+                optr[0] = 1;
+                optr[1] = subid - 40;
+        } else {
+                optr[0] = 2;
+                optr[1] = subid - 80;
+        }
+        *len = 2;
+        optr += 2;
+        while (ctx->pointer < eoc) {
+                if (++(*len) > size) {
+                        ctx->error = ASN1_ERR_DEC_BADVALUE;
+                        kfree(*oid);
+                        *oid = NULL;
+                        return 0;
+                }
+                if (!asn1_subid_decode(ctx, optr++)) {
+                        kfree(*oid);
+                        *oid = NULL;
+                        return 0;
+                }
+        }
+        return 1;
+}
+static int
+compare_oid(unsigned long *oid1, unsigned int oid1len,
+            unsigned long *oid2, unsigned int oid2len)
+{
+        unsigned int i;
+        if (oid1len != oid2len)
+                return 0;
+        else {
+                for (i = 0; i < oid1len; i++) {
+                        if (oid1[i] != oid2[i])
+                                return 0;
+                }
+                return 1;
+        }
+}
+        /* BB check for endian conversion issues here */
+int
+decode_negTokenInit(unsigned char *security_blob, int length,
+                    enum securityEnum *secType)
+{
+        struct asn1_ctx ctx;
+        unsigned char *end;
+        unsigned char *sequence_end;
+        unsigned long *oid = NULL;
+        unsigned int cls, con, tag, oidlen, rc;
+        int use_ntlmssp = FALSE;
+        *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default */
+        /* cifs_dump_mem(" Received SecBlob ", security_blob, length); */
+        asn1_open(&ctx, security_blob, length);
+        if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+                cFYI(1, ("Error decoding negTokenInit header "));
+                return 0;
+        } else if ((cls != ASN1_APL) || (con != ASN1_CON)
+                   || (tag != ASN1_EOC)) {
+                cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag));
+                return 0;
+        } else {
+                /*      remember to free obj->oid */
+                rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
+                if (rc) {
+                        if ((tag == ASN1_OJI) && (cls == ASN1_PRI)) {
+                                rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
+                                if (rc) {
+                                        rc = compare_oid(oid, oidlen,
+                                                         SPNEGO_OID,
+                                                         SPNEGO_OID_LEN);
+                                        kfree(oid);
+                                }
+                        } else
+                                rc = 0;
+                }
+                if (!rc) {
+                        cFYI(1, ("Error decoding negTokenInit header"));
+                        return 0;
+                }
+                if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+                        cFYI(1, ("Error decoding negTokenInit "));
+                        return 0;
+                } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
+                           || (tag != ASN1_EOC)) {
+                        cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 0",
+                              cls, con, tag, end, *end));
+                        return 0;
+                }
+                if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+                        cFYI(1, ("Error decoding negTokenInit "));
+                        return 0;
+                } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
+                           || (tag != ASN1_SEQ)) {
+                        cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 1",
+                              cls, con, tag, end, *end));
+                        return 0;
+                }
+                if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+                        cFYI(1, ("Error decoding 2nd part of negTokenInit "));
+                        return 0;
+                } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
+                           || (tag != ASN1_EOC)) {
+                        cFYI(1,
+                             ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
+                              cls, con, tag, end, *end));
+                        return 0;
+                }
+                if (asn1_header_decode
+                    (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
+                        cFYI(1, ("Error decoding 2nd part of negTokenInit "));
+                        return 0;
+                } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
+                           || (tag != ASN1_SEQ)) {
+                        cFYI(1,
+                             ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
+                              cls, con, tag, end, *end));
+                        return 0;
+                }
+                while (!asn1_eoc_decode(&ctx, sequence_end)) {
+                        rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
+                        if (!rc) {
+                                cFYI(1,
+                                     ("Error 1 decoding negTokenInit header exit 2"));
+                                return 0;
+                        }
+                        if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
+                                rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
+                                if(rc) {                
+                                        cFYI(1,
+                                          ("OID len = %d oid = 0x%lx 0x%lx 0x%lx 0x%lx",
+                                           oidlen, *oid, *(oid + 1), *(oid + 2),
+                                           *(oid + 3)));
+                                        rc = compare_oid(oid, oidlen, NTLMSSP_OID,
+                                                 NTLMSSP_OID_LEN);
+                                        if(oid)
+                                                kfree(oid);
+                                        if (rc)
+                                                use_ntlmssp = TRUE;
+                                }
+                        } else {
+                                cFYI(1,("This should be an oid what is going on? "));
+                        }
+                }
+                if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+                        cFYI(1,
+                             ("Error decoding last part of negTokenInit exit 3"));
+                        return 0;
+                } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {    /* tag = 3 indicating mechListMIC */
+                        cFYI(1,
+                             ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
+                              cls, con, tag, end, *end));
+                        return 0;
+                }
+                if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+                        cFYI(1,
+                             ("Error decoding last part of negTokenInit exit 5"));
+                        return 0;
+                } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
+                           || (tag != ASN1_SEQ)) {
+                        cFYI(1,
+                             ("Exit 6 cls = %d con = %d tag = %d end = %p (%d)",
+                              cls, con, tag, end, *end));
+                }
+                if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+                        cFYI(1,
+                             ("Error decoding last part of negTokenInit exit 7"));
+                        return 0;
+                } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
+                        cFYI(1,
+                             ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
+                              cls, con, tag, end, *end));
+                        return 0;
+                }
+                if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
+                        cFYI(1,
+                             ("Error decoding last part of negTokenInit exit 9"));
+                        return 0;
+                } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
+                           || (tag != ASN1_GENSTR)) {
+                        cFYI(1,
+                             ("Exit 10 cls = %d con = %d tag = %d end = %p (%d)",
+                              cls, con, tag, end, *end));
+                        return 0;
+                }
+                cFYI(1, ("Need to call asn1_octets_decode() function for this %s", ctx.pointer));       /* is this UTF-8 or ASCII? */
+        }
+        /* if (use_kerberos) 
+           *secType = Kerberos 
+           else */
+        if (use_ntlmssp) {
+                *secType = NTLMSSP;
+        }
+        return 1;
+}
author	Linus Torvalds <torvalds@ppc970.osdl.org>	2005-04-16 18:20:36 -0400
committer	Linus Torvalds <torvalds@ppc970.osdl.org>	2005-04-16 18:20:36 -0400
commit	1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (patch)
tree	0bba044c4ce775e45a88a51686b5d9f90697ea9d /fs/cifs/asn1.c

diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c new file mode 100644 index 000000000000..e02010dd73ec --- /dev/null +++ b/fs/cifs/asn1.c
@@ -0,0 +1,618 @@
	1	/*
	2	* The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in
	3	* turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich
	4	*
	5	* Copyright (c) 2000 RP Internet (www.rpi.net.au).
	6	*
	7	* This program is free software; you can redistribute it and/or modify
	8	* it under the terms of the GNU General Public License as published by
	9	* the Free Software Foundation; either version 2 of the License, or
	10	* (at your option) any later version.
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	* You should have received a copy of the GNU General Public License
	16	* along with this program; if not, write to the Free Software
	17	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	18	*/
	19
	20	#include <linux/config.h>
	21	#include <linux/module.h>
	22	#include <linux/types.h>
	23	#include <linux/kernel.h>
	24	#include <linux/mm.h>
	25	#include <linux/slab.h>
	26	#include "cifspdu.h"
	27	#include "cifsglob.h"
	28	#include "cifs_debug.h"
	29	#include "cifsproto.h"
	30
	31	/*****************************************************************************
	32	*
	33	* Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse)
	34	*
	35	*****************************************************************************/
	36
	37	/* Class */
	38	#define ASN1_UNI 0 /* Universal */
	39	#define ASN1_APL 1 /* Application */
	40	#define ASN1_CTX 2 /* Context */
	41	#define ASN1_PRV 3 /* Private */
	42
	43	/* Tag */
	44	#define ASN1_EOC 0 /* End Of Contents or N/A */
	45	#define ASN1_BOL 1 /* Boolean */
	46	#define ASN1_INT 2 /* Integer */
	47	#define ASN1_BTS 3 /* Bit String */
	48	#define ASN1_OTS 4 /* Octet String */
	49	#define ASN1_NUL 5 /* Null */
	50	#define ASN1_OJI 6 /* Object Identifier */
	51	#define ASN1_OJD 7 /* Object Description */
	52	#define ASN1_EXT 8 /* External */
	53	#define ASN1_SEQ 16 /* Sequence */
	54	#define ASN1_SET 17 /* Set */
	55	#define ASN1_NUMSTR 18 /* Numerical String */
	56	#define ASN1_PRNSTR 19 /* Printable String */
	57	#define ASN1_TEXSTR 20 /* Teletext String */
	58	#define ASN1_VIDSTR 21 /* Video String */
	59	#define ASN1_IA5STR 22 /* IA5 String */
	60	#define ASN1_UNITIM 23 /* Universal Time */
	61	#define ASN1_GENTIM 24 /* General Time */
	62	#define ASN1_GRASTR 25 /* Graphical String */
	63	#define ASN1_VISSTR 26 /* Visible String */
	64	#define ASN1_GENSTR 27 /* General String */
	65
	66	/* Primitive / Constructed methods*/
	67	#define ASN1_PRI 0 /* Primitive */
	68	#define ASN1_CON 1 /* Constructed */
	69
	70	/*
	71	* Error codes.
	72	*/
	73	#define ASN1_ERR_NOERROR 0
	74	#define ASN1_ERR_DEC_EMPTY 2
	75	#define ASN1_ERR_DEC_EOC_MISMATCH 3
	76	#define ASN1_ERR_DEC_LENGTH_MISMATCH 4
	77	#define ASN1_ERR_DEC_BADVALUE 5
	78
	79	#define SPNEGO_OID_LEN 7
	80	#define NTLMSSP_OID_LEN 10
	81	static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
	82	static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
	83
	84	/*
	85	* ASN.1 context.
	86	*/
	87	struct asn1_ctx {
	88	int error; /* Error condition */
	89	unsigned char pointer; / Octet just to be decoded */
	90	unsigned char begin; / First octet */
	91	unsigned char end; / Octet after last octet */
	92	};
	93
	94	/*
	95	* Octet string (not null terminated)
	96	*/
	97	struct asn1_octstr {
	98	unsigned char *data;
	99	unsigned int len;
	100	};
	101
	102	static void
	103	asn1_open(struct asn1_ctx ctx, unsigned char buf, unsigned int len)
	104	{
	105	ctx->begin = buf;
	106	ctx->end = buf + len;
	107	ctx->pointer = buf;
	108	ctx->error = ASN1_ERR_NOERROR;
	109	}
	110
	111	static unsigned char
	112	asn1_octet_decode(struct asn1_ctx ctx, unsigned char ch)
	113	{
	114	if (ctx->pointer >= ctx->end) {
	115	ctx->error = ASN1_ERR_DEC_EMPTY;
	116	return 0;
	117	}
	118	ch = (ctx->pointer)++;
	119	return 1;
	120	}
	121
	122	static unsigned char
	123	asn1_tag_decode(struct asn1_ctx ctx, unsigned int tag)
	124	{
	125	unsigned char ch;
	126
	127	*tag = 0;
	128
	129	do {
	130	if (!asn1_octet_decode(ctx, &ch))
	131	return 0;
	132	*tag <<= 7;
	133	*tag \|= ch & 0x7F;
	134	} while ((ch & 0x80) == 0x80);
	135	return 1;
	136	}
	137
	138	static unsigned char
	139	asn1_id_decode(struct asn1_ctx *ctx,
	140	unsigned int cls, unsigned int con, unsigned int *tag)
	141	{
	142	unsigned char ch;
	143
	144	if (!asn1_octet_decode(ctx, &ch))
	145	return 0;
	146
	147	*cls = (ch & 0xC0) >> 6;
	148	*con = (ch & 0x20) >> 5;
	149	*tag = (ch & 0x1F);
	150
	151	if (*tag == 0x1F) {
	152	if (!asn1_tag_decode(ctx, tag))
	153	return 0;
	154	}
	155	return 1;
	156	}
	157
	158	static unsigned char
	159	asn1_length_decode(struct asn1_ctx ctx, unsigned int def, unsigned int *len)
	160	{
	161	unsigned char ch, cnt;
	162
	163	if (!asn1_octet_decode(ctx, &ch))
	164	return 0;
	165
	166	if (ch == 0x80)
	167	*def = 0;
	168	else {
	169	*def = 1;
	170
	171	if (ch < 0x80)
	172	*len = ch;
	173	else {
	174	cnt = (unsigned char) (ch & 0x7F);
	175	*len = 0;
	176
	177	while (cnt > 0) {
	178	if (!asn1_octet_decode(ctx, &ch))
	179	return 0;
	180	*len <<= 8;
	181	*len \|= ch;
	182	cnt--;
	183	}
	184	}
	185	}
	186	return 1;
	187	}
	188
	189	static unsigned char
	190	asn1_header_decode(struct asn1_ctx *ctx,
	191	unsigned char **eoc,
	192	unsigned int cls, unsigned int con, unsigned int *tag)
	193	{
	194	unsigned int def, len;
	195
	196	if (!asn1_id_decode(ctx, cls, con, tag))
	197	return 0;
	198
	199	if (!asn1_length_decode(ctx, &def, &len))
	200	return 0;
	201
	202	if (def)
	203	*eoc = ctx->pointer + len;
	204	else
	205	*eoc = NULL;
	206	return 1;
	207	}
	208
	209	static unsigned char
	210	asn1_eoc_decode(struct asn1_ctx ctx, unsigned char eoc)
	211	{
	212	unsigned char ch;
	213
	214	if (eoc == NULL) {
	215	if (!asn1_octet_decode(ctx, &ch))
	216	return 0;
	217
	218	if (ch != 0x00) {
	219	ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
	220	return 0;
	221	}
	222
	223	if (!asn1_octet_decode(ctx, &ch))
	224	return 0;
	225
	226	if (ch != 0x00) {
	227	ctx->error = ASN1_ERR_DEC_EOC_MISMATCH;
	228	return 0;
	229	}
	230	return 1;
	231	} else {
	232	if (ctx->pointer != eoc) {
	233	ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH;
	234	return 0;
	235	}
	236	return 1;
	237	}
	238	}
	239
	240	/* static unsigned char asn1_null_decode(struct asn1_ctx *ctx,
	241	unsigned char *eoc)
	242	{
	243	ctx->pointer = eoc;
	244	return 1;
	245	}
	246
	247	static unsigned char asn1_long_decode(struct asn1_ctx *ctx,
	248	unsigned char eoc, long integer)
	249	{
	250	unsigned char ch;
	251	unsigned int len;
	252
	253	if (!asn1_octet_decode(ctx, &ch))
	254	return 0;
	255
	256	*integer = (signed char) ch;
	257	len = 1;
	258
	259	while (ctx->pointer < eoc) {
	260	if (++len > sizeof(long)) {
	261	ctx->error = ASN1_ERR_DEC_BADVALUE;
	262	return 0;
	263	}
	264
	265	if (!asn1_octet_decode(ctx, &ch))
	266	return 0;
	267
	268	*integer <<= 8;
	269	*integer \|= ch;
	270	}
	271	return 1;
	272	}
	273
	274	static unsigned char asn1_uint_decode(struct asn1_ctx *ctx,
	275	unsigned char *eoc,
	276	unsigned int *integer)
	277	{
	278	unsigned char ch;
	279	unsigned int len;
	280
	281	if (!asn1_octet_decode(ctx, &ch))
	282	return 0;
	283
	284	*integer = ch;
	285	if (ch == 0)
	286	len = 0;
	287	else
	288	len = 1;
	289
	290	while (ctx->pointer < eoc) {
	291	if (++len > sizeof(unsigned int)) {
	292	ctx->error = ASN1_ERR_DEC_BADVALUE;
	293	return 0;
	294	}
	295
	296	if (!asn1_octet_decode(ctx, &ch))
	297	return 0;
	298
	299	*integer <<= 8;
	300	*integer \|= ch;
	301	}
	302	return 1;
	303	}
	304
	305	static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx,
	306	unsigned char *eoc,
	307	unsigned long *integer)
	308	{
	309	unsigned char ch;
	310	unsigned int len;
	311
	312	if (!asn1_octet_decode(ctx, &ch))
	313	return 0;
	314
	315	*integer = ch;
	316	if (ch == 0)
	317	len = 0;
	318	else
	319	len = 1;
	320
	321	while (ctx->pointer < eoc) {
	322	if (++len > sizeof(unsigned long)) {
	323	ctx->error = ASN1_ERR_DEC_BADVALUE;
	324	return 0;
	325	}
	326
	327	if (!asn1_octet_decode(ctx, &ch))
	328	return 0;
	329
	330	*integer <<= 8;
	331	*integer \|= ch;
	332	}
	333	return 1;
	334	}
	335
	336	static unsigned char
	337	asn1_octets_decode(struct asn1_ctx *ctx,
	338	unsigned char *eoc,
	339	unsigned char *octets, unsigned int len)
	340	{
	341	unsigned char *ptr;
	342
	343	*len = 0;
	344
	345	*octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC);
	346	if (*octets == NULL) {
	347	return 0;
	348	}
	349
	350	ptr = *octets;
	351	while (ctx->pointer < eoc) {
	352	if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) {
	353	kfree(*octets);
	354	*octets = NULL;
	355	return 0;
	356	}
	357	(*len)++;
	358	}
	359	return 1;
	360	} */
	361
	362	static unsigned char
	363	asn1_subid_decode(struct asn1_ctx ctx, unsigned long subid)
	364	{
	365	unsigned char ch;
	366
	367	*subid = 0;
	368
	369	do {
	370	if (!asn1_octet_decode(ctx, &ch))
	371	return 0;
	372
	373	*subid <<= 7;
	374	*subid \|= ch & 0x7F;
	375	} while ((ch & 0x80) == 0x80);
	376	return 1;
	377	}
	378
	379	static int
	380	asn1_oid_decode(struct asn1_ctx *ctx,
	381	unsigned char eoc, unsigned long oid, unsigned int len)
	382	{
	383	unsigned long subid;
	384	unsigned int size;
	385	unsigned long *optr;
	386
	387	size = eoc - ctx->pointer + 1;
	388	oid = kmalloc(size sizeof (unsigned long), GFP_ATOMIC);
	389	if (*oid == NULL) {
	390	return 0;
	391	}
	392
	393	optr = *oid;
	394
	395	if (!asn1_subid_decode(ctx, &subid)) {
	396	kfree(*oid);
	397	*oid = NULL;
	398	return 0;
	399	}
	400
	401	if (subid < 40) {
	402	optr[0] = 0;
	403	optr[1] = subid;
	404	} else if (subid < 80) {
	405	optr[0] = 1;
	406	optr[1] = subid - 40;
	407	} else {
	408	optr[0] = 2;
	409	optr[1] = subid - 80;
	410	}
	411
	412	*len = 2;
	413	optr += 2;
	414
	415	while (ctx->pointer < eoc) {
	416	if (++(*len) > size) {
	417	ctx->error = ASN1_ERR_DEC_BADVALUE;
	418	kfree(*oid);
	419	*oid = NULL;
	420	return 0;
	421	}
	422
	423	if (!asn1_subid_decode(ctx, optr++)) {
	424	kfree(*oid);
	425	*oid = NULL;
	426	return 0;
	427	}
	428	}
	429	return 1;
	430	}
	431
	432	static int
	433	compare_oid(unsigned long *oid1, unsigned int oid1len,
	434	unsigned long *oid2, unsigned int oid2len)
	435	{
	436	unsigned int i;
	437
	438	if (oid1len != oid2len)
	439	return 0;
	440	else {
	441	for (i = 0; i < oid1len; i++) {
	442	if (oid1[i] != oid2[i])
	443	return 0;
	444	}
	445	return 1;
	446	}
	447	}
	448
	449	/* BB check for endian conversion issues here */
	450
	451	int
	452	decode_negTokenInit(unsigned char *security_blob, int length,
	453	enum securityEnum *secType)
	454	{
	455	struct asn1_ctx ctx;
	456	unsigned char *end;
	457	unsigned char *sequence_end;
	458	unsigned long *oid = NULL;
	459	unsigned int cls, con, tag, oidlen, rc;
	460	int use_ntlmssp = FALSE;
	461
	462	secType = NTLM; / BB eventually make Kerberos or NLTMSSP the default */
	463
	464	/* cifs_dump_mem(" Received SecBlob ", security_blob, length); */
	465
	466	asn1_open(&ctx, security_blob, length);
	467
	468	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	469	cFYI(1, ("Error decoding negTokenInit header "));
	470	return 0;
	471	} else if ((cls != ASN1_APL) \|\| (con != ASN1_CON)
	472	\|\| (tag != ASN1_EOC)) {
	473	cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag));
	474	return 0;
	475	} else {
	476	/* remember to free obj->oid */
	477	rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
	478	if (rc) {
	479	if ((tag == ASN1_OJI) && (cls == ASN1_PRI)) {
	480	rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
	481	if (rc) {
	482	rc = compare_oid(oid, oidlen,
	483	SPNEGO_OID,
	484	SPNEGO_OID_LEN);
	485	kfree(oid);
	486	}
	487	} else
	488	rc = 0;
	489	}
	490
	491	if (!rc) {
	492	cFYI(1, ("Error decoding negTokenInit header"));
	493	return 0;
	494	}
	495
	496	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	497	cFYI(1, ("Error decoding negTokenInit "));
	498	return 0;
	499	} else if ((cls != ASN1_CTX) \|\| (con != ASN1_CON)
	500	\|\| (tag != ASN1_EOC)) {
	501	cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 0",
	502	cls, con, tag, end, *end));
	503	return 0;
	504	}
	505
	506	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	507	cFYI(1, ("Error decoding negTokenInit "));
	508	return 0;
	509	} else if ((cls != ASN1_UNI) \|\| (con != ASN1_CON)
	510	\|\| (tag != ASN1_SEQ)) {
	511	cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 1",
	512	cls, con, tag, end, *end));
	513	return 0;
	514	}
	515
	516	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	517	cFYI(1, ("Error decoding 2nd part of negTokenInit "));
	518	return 0;
	519	} else if ((cls != ASN1_CTX) \|\| (con != ASN1_CON)
	520	\|\| (tag != ASN1_EOC)) {
	521	cFYI(1,
	522	("cls = %d con = %d tag = %d end = %p (%d) exit 0",
	523	cls, con, tag, end, *end));
	524	return 0;
	525	}
	526
	527	if (asn1_header_decode
	528	(&ctx, &sequence_end, &cls, &con, &tag) == 0) {
	529	cFYI(1, ("Error decoding 2nd part of negTokenInit "));
	530	return 0;
	531	} else if ((cls != ASN1_UNI) \|\| (con != ASN1_CON)
	532	\|\| (tag != ASN1_SEQ)) {
	533	cFYI(1,
	534	("cls = %d con = %d tag = %d end = %p (%d) exit 1",
	535	cls, con, tag, end, *end));
	536	return 0;
	537	}
	538
	539	while (!asn1_eoc_decode(&ctx, sequence_end)) {
	540	rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
	541	if (!rc) {
	542	cFYI(1,
	543	("Error 1 decoding negTokenInit header exit 2"));
	544	return 0;
	545	}
	546	if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
	547	rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
	548	if(rc) {
	549	cFYI(1,
	550	("OID len = %d oid = 0x%lx 0x%lx 0x%lx 0x%lx",
	551	oidlen, oid, (oid + 1), *(oid + 2),
	552	*(oid + 3)));
	553	rc = compare_oid(oid, oidlen, NTLMSSP_OID,
	554	NTLMSSP_OID_LEN);
	555	if(oid)
	556	kfree(oid);
	557	if (rc)
	558	use_ntlmssp = TRUE;
	559	}
	560	} else {
	561	cFYI(1,("This should be an oid what is going on? "));
	562	}
	563	}
	564
	565	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	566	cFYI(1,
	567	("Error decoding last part of negTokenInit exit 3"));
	568	return 0;
	569	} else if ((cls != ASN1_CTX) \|\| (con != ASN1_CON)) { /* tag = 3 indicating mechListMIC */
	570	cFYI(1,
	571	("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
	572	cls, con, tag, end, *end));
	573	return 0;
	574	}
	575	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	576	cFYI(1,
	577	("Error decoding last part of negTokenInit exit 5"));
	578	return 0;
	579	} else if ((cls != ASN1_UNI) \|\| (con != ASN1_CON)
	580	\|\| (tag != ASN1_SEQ)) {
	581	cFYI(1,
	582	("Exit 6 cls = %d con = %d tag = %d end = %p (%d)",
	583	cls, con, tag, end, *end));
	584	}
	585
	586	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	587	cFYI(1,
	588	("Error decoding last part of negTokenInit exit 7"));
	589	return 0;
	590	} else if ((cls != ASN1_CTX) \|\| (con != ASN1_CON)) {
	591	cFYI(1,
	592	("Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
	593	cls, con, tag, end, *end));
	594	return 0;
	595	}
	596	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
	597	cFYI(1,
	598	("Error decoding last part of negTokenInit exit 9"));
	599	return 0;
	600	} else if ((cls != ASN1_UNI) \|\| (con != ASN1_PRI)
	601	\|\| (tag != ASN1_GENSTR)) {
	602	cFYI(1,
	603	("Exit 10 cls = %d con = %d tag = %d end = %p (%d)",
	604	cls, con, tag, end, *end));
	605	return 0;
	606	}
	607	cFYI(1, ("Need to call asn1_octets_decode() function for this %s", ctx.pointer)); /* is this UTF-8 or ASCII? */
	608	}
	609
	610	/* if (use_kerberos)
	611	*secType = Kerberos
	612	else */
	613	if (use_ntlmssp) {
	614	*secType = NTLMSSP;
	615	}
	616
	617	return 1;
	618	}