diff options
| author | Steve French <sfrench@us.ibm.com> | 2010-09-08 17:10:58 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2010-09-08 17:10:58 -0400 |
| commit | c8e56f1f4fb9f82f63e4ce6d73a14501d0432c76 (patch) | |
| tree | 6d0988317a6eaf4b454c73a1dd95f89184f5b1ed /fs/cifs/cifsencrypt.c | |
| parent | 745e507a9c79c6e1385d3414d5e56f3d4621a375 (diff) | |
Revert "[CIFS] Fix ntlmv2 auth with ntlmssp"
This reverts commit 9fbc590860e75785bdaf8b83e48fabfe4d4f7d58.
The change to kernel crypto and fixes to ntlvm2 and ntlmssp
series, introduced a regression. Deferring this patch series
to 2.6.37 after Shirish fixes it.
Signed-off-by: Steve French <sfrench@us.ibm.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
CC: Shirish Pargaonkar <shirishp@us.ibm.com>
Diffstat (limited to 'fs/cifs/cifsencrypt.c')
| -rw-r--r-- | fs/cifs/cifsencrypt.c | 416 |
1 files changed, 122 insertions, 294 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 051d00011ca3..847628dfdc44 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c | |||
| @@ -27,7 +27,6 @@ | |||
| 27 | #include "md5.h" | 27 | #include "md5.h" |
| 28 | #include "cifs_unicode.h" | 28 | #include "cifs_unicode.h" |
| 29 | #include "cifsproto.h" | 29 | #include "cifsproto.h" |
| 30 | #include "ntlmssp.h" | ||
| 31 | #include <linux/ctype.h> | 30 | #include <linux/ctype.h> |
| 32 | #include <linux/random.h> | 31 | #include <linux/random.h> |
| 33 | 32 | ||
| @@ -43,44 +42,21 @@ extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8, | |||
| 43 | unsigned char *p24); | 42 | unsigned char *p24); |
| 44 | 43 | ||
| 45 | static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, | 44 | static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, |
| 46 | struct TCP_Server_Info *server, char *signature) | 45 | const struct mac_key *key, char *signature) |
| 47 | { | 46 | { |
| 48 | int rc = 0; | 47 | struct MD5Context context; |
| 49 | struct { | ||
| 50 | struct shash_desc shash; | ||
| 51 | char ctx[crypto_shash_descsize(server->ntlmssp.md5)]; | ||
| 52 | } sdesc; | ||
| 53 | 48 | ||
| 54 | if (cifs_pdu == NULL || server == NULL || signature == NULL) | 49 | if ((cifs_pdu == NULL) || (signature == NULL) || (key == NULL)) |
| 55 | return -EINVAL; | 50 | return -EINVAL; |
| 56 | 51 | ||
| 57 | sdesc.shash.tfm = server->ntlmssp.md5; | 52 | cifs_MD5_init(&context); |
| 58 | sdesc.shash.flags = 0x0; | 53 | cifs_MD5_update(&context, (char *)&key->data, key->len); |
| 59 | 54 | cifs_MD5_update(&context, cifs_pdu->Protocol, cifs_pdu->smb_buf_length); | |
| 60 | rc = crypto_shash_init(&sdesc.shash); | ||
| 61 | if (rc) { | ||
| 62 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); | ||
| 63 | return rc; | ||
| 64 | } | ||
| 65 | |||
| 66 | if (server->secType == RawNTLMSSP) | ||
| 67 | crypto_shash_update(&sdesc.shash, | ||
| 68 | server->session_key.data.ntlmv2.key, | ||
| 69 | CIFS_NTLMV2_SESSKEY_SIZE); | ||
| 70 | else | ||
| 71 | crypto_shash_update(&sdesc.shash, | ||
| 72 | (char *)&server->session_key.data, | ||
| 73 | server->session_key.len); | ||
| 74 | |||
| 75 | crypto_shash_update(&sdesc.shash, | ||
| 76 | cifs_pdu->Protocol, cifs_pdu->smb_buf_length); | ||
| 77 | |||
| 78 | rc = crypto_shash_final(&sdesc.shash, signature); | ||
| 79 | 55 | ||
| 56 | cifs_MD5_final(signature, &context); | ||
| 80 | return 0; | 57 | return 0; |
| 81 | } | 58 | } |
| 82 | 59 | ||
| 83 | |||
| 84 | int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, | 60 | int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, |
| 85 | __u32 *pexpected_response_sequence_number) | 61 | __u32 *pexpected_response_sequence_number) |
| 86 | { | 62 | { |
| @@ -102,7 +78,8 @@ int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, | |||
| 102 | server->sequence_number++; | 78 | server->sequence_number++; |
| 103 | spin_unlock(&GlobalMid_Lock); | 79 | spin_unlock(&GlobalMid_Lock); |
| 104 | 80 | ||
| 105 | rc = cifs_calculate_signature(cifs_pdu, server, smb_signature); | 81 | rc = cifs_calculate_signature(cifs_pdu, &server->mac_signing_key, |
| 82 | smb_signature); | ||
| 106 | if (rc) | 83 | if (rc) |
| 107 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); | 84 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); |
| 108 | else | 85 | else |
| @@ -112,36 +89,16 @@ int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, | |||
| 112 | } | 89 | } |
| 113 | 90 | ||
| 114 | static int cifs_calc_signature2(const struct kvec *iov, int n_vec, | 91 | static int cifs_calc_signature2(const struct kvec *iov, int n_vec, |
| 115 | struct TCP_Server_Info *server, char *signature) | 92 | const struct mac_key *key, char *signature) |
| 116 | { | 93 | { |
| 94 | struct MD5Context context; | ||
| 117 | int i; | 95 | int i; |
| 118 | int rc = 0; | ||
| 119 | struct { | ||
| 120 | struct shash_desc shash; | ||
| 121 | char ctx[crypto_shash_descsize(server->ntlmssp.md5)]; | ||
| 122 | } sdesc; | ||
| 123 | 96 | ||
| 124 | if (iov == NULL || server == NULL || signature == NULL) | 97 | if ((iov == NULL) || (signature == NULL) || (key == NULL)) |
| 125 | return -EINVAL; | 98 | return -EINVAL; |
| 126 | 99 | ||
| 127 | sdesc.shash.tfm = server->ntlmssp.md5; | 100 | cifs_MD5_init(&context); |
| 128 | sdesc.shash.flags = 0x0; | 101 | cifs_MD5_update(&context, (char *)&key->data, key->len); |
| 129 | |||
| 130 | rc = crypto_shash_init(&sdesc.shash); | ||
| 131 | if (rc) { | ||
| 132 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); | ||
| 133 | return rc; | ||
| 134 | } | ||
| 135 | |||
| 136 | if (server->secType == RawNTLMSSP) | ||
| 137 | crypto_shash_update(&sdesc.shash, | ||
| 138 | server->session_key.data.ntlmv2.key, | ||
| 139 | CIFS_NTLMV2_SESSKEY_SIZE); | ||
| 140 | else | ||
| 141 | crypto_shash_update(&sdesc.shash, | ||
| 142 | (char *)&server->session_key.data, | ||
| 143 | server->session_key.len); | ||
| 144 | |||
| 145 | for (i = 0; i < n_vec; i++) { | 102 | for (i = 0; i < n_vec; i++) { |
| 146 | if (iov[i].iov_len == 0) | 103 | if (iov[i].iov_len == 0) |
| 147 | continue; | 104 | continue; |
| @@ -154,18 +111,18 @@ static int cifs_calc_signature2(const struct kvec *iov, int n_vec, | |||
| 154 | if (i == 0) { | 111 | if (i == 0) { |
| 155 | if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ | 112 | if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ |
| 156 | break; /* nothing to sign or corrupt header */ | 113 | break; /* nothing to sign or corrupt header */ |
| 157 | crypto_shash_update(&sdesc.shash, | 114 | cifs_MD5_update(&context, iov[0].iov_base+4, |
| 158 | iov[i].iov_base + 4, iov[i].iov_len - 4); | 115 | iov[0].iov_len-4); |
| 159 | } else | 116 | } else |
| 160 | crypto_shash_update(&sdesc.shash, | 117 | cifs_MD5_update(&context, iov[i].iov_base, iov[i].iov_len); |
| 161 | iov[i].iov_base, iov[i].iov_len); | ||
| 162 | } | 118 | } |
| 163 | 119 | ||
| 164 | rc = crypto_shash_final(&sdesc.shash, signature); | 120 | cifs_MD5_final(signature, &context); |
| 165 | 121 | ||
| 166 | return 0; | 122 | return 0; |
| 167 | } | 123 | } |
| 168 | 124 | ||
| 125 | |||
| 169 | int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, | 126 | int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, |
| 170 | __u32 *pexpected_response_sequence_number) | 127 | __u32 *pexpected_response_sequence_number) |
| 171 | { | 128 | { |
| @@ -188,7 +145,8 @@ int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, | |||
| 188 | server->sequence_number++; | 145 | server->sequence_number++; |
| 189 | spin_unlock(&GlobalMid_Lock); | 146 | spin_unlock(&GlobalMid_Lock); |
| 190 | 147 | ||
| 191 | rc = cifs_calc_signature2(iov, n_vec, server, smb_signature); | 148 | rc = cifs_calc_signature2(iov, n_vec, &server->mac_signing_key, |
| 149 | smb_signature); | ||
| 192 | if (rc) | 150 | if (rc) |
| 193 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); | 151 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); |
| 194 | else | 152 | else |
| @@ -198,14 +156,14 @@ int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, | |||
| 198 | } | 156 | } |
| 199 | 157 | ||
| 200 | int cifs_verify_signature(struct smb_hdr *cifs_pdu, | 158 | int cifs_verify_signature(struct smb_hdr *cifs_pdu, |
| 201 | struct TCP_Server_Info *server, | 159 | const struct mac_key *mac_key, |
| 202 | __u32 expected_sequence_number) | 160 | __u32 expected_sequence_number) |
| 203 | { | 161 | { |
| 204 | int rc; | 162 | unsigned int rc; |
| 205 | char server_response_sig[8]; | 163 | char server_response_sig[8]; |
| 206 | char what_we_think_sig_should_be[20]; | 164 | char what_we_think_sig_should_be[20]; |
| 207 | 165 | ||
| 208 | if (cifs_pdu == NULL || server == NULL) | 166 | if ((cifs_pdu == NULL) || (mac_key == NULL)) |
| 209 | return -EINVAL; | 167 | return -EINVAL; |
| 210 | 168 | ||
| 211 | if (cifs_pdu->Command == SMB_COM_NEGOTIATE) | 169 | if (cifs_pdu->Command == SMB_COM_NEGOTIATE) |
| @@ -234,7 +192,7 @@ int cifs_verify_signature(struct smb_hdr *cifs_pdu, | |||
| 234 | cpu_to_le32(expected_sequence_number); | 192 | cpu_to_le32(expected_sequence_number); |
| 235 | cifs_pdu->Signature.Sequence.Reserved = 0; | 193 | cifs_pdu->Signature.Sequence.Reserved = 0; |
| 236 | 194 | ||
| 237 | rc = cifs_calculate_signature(cifs_pdu, server, | 195 | rc = cifs_calculate_signature(cifs_pdu, mac_key, |
| 238 | what_we_think_sig_should_be); | 196 | what_we_think_sig_should_be); |
| 239 | 197 | ||
| 240 | if (rc) | 198 | if (rc) |
| @@ -251,7 +209,7 @@ int cifs_verify_signature(struct smb_hdr *cifs_pdu, | |||
| 251 | } | 209 | } |
| 252 | 210 | ||
| 253 | /* We fill in key by putting in 40 byte array which was allocated by caller */ | 211 | /* We fill in key by putting in 40 byte array which was allocated by caller */ |
| 254 | int cifs_calculate_session_key(struct session_key *key, const char *rn, | 212 | int cifs_calculate_mac_key(struct mac_key *key, const char *rn, |
| 255 | const char *password) | 213 | const char *password) |
| 256 | { | 214 | { |
| 257 | char temp_key[16]; | 215 | char temp_key[16]; |
| @@ -265,6 +223,63 @@ int cifs_calculate_session_key(struct session_key *key, const char *rn, | |||
| 265 | return 0; | 223 | return 0; |
| 266 | } | 224 | } |
| 267 | 225 | ||
| 226 | int CalcNTLMv2_partial_mac_key(struct cifsSesInfo *ses, | ||
| 227 | const struct nls_table *nls_info) | ||
| 228 | { | ||
| 229 | char temp_hash[16]; | ||
| 230 | struct HMACMD5Context ctx; | ||
| 231 | char *ucase_buf; | ||
| 232 | __le16 *unicode_buf; | ||
| 233 | unsigned int i, user_name_len, dom_name_len; | ||
| 234 | |||
| 235 | if (ses == NULL) | ||
| 236 | return -EINVAL; | ||
| 237 | |||
| 238 | E_md4hash(ses->password, temp_hash); | ||
| 239 | |||
| 240 | hmac_md5_init_limK_to_64(temp_hash, 16, &ctx); | ||
| 241 | user_name_len = strlen(ses->userName); | ||
| 242 | if (user_name_len > MAX_USERNAME_SIZE) | ||
| 243 | return -EINVAL; | ||
| 244 | if (ses->domainName == NULL) | ||
| 245 | return -EINVAL; /* BB should we use CIFS_LINUX_DOM */ | ||
| 246 | dom_name_len = strlen(ses->domainName); | ||
| 247 | if (dom_name_len > MAX_USERNAME_SIZE) | ||
| 248 | return -EINVAL; | ||
| 249 | |||
| 250 | ucase_buf = kmalloc((MAX_USERNAME_SIZE+1), GFP_KERNEL); | ||
| 251 | if (ucase_buf == NULL) | ||
| 252 | return -ENOMEM; | ||
| 253 | unicode_buf = kmalloc((MAX_USERNAME_SIZE+1)*4, GFP_KERNEL); | ||
| 254 | if (unicode_buf == NULL) { | ||
| 255 | kfree(ucase_buf); | ||
| 256 | return -ENOMEM; | ||
| 257 | } | ||
| 258 | |||
| 259 | for (i = 0; i < user_name_len; i++) | ||
| 260 | ucase_buf[i] = nls_info->charset2upper[(int)ses->userName[i]]; | ||
| 261 | ucase_buf[i] = 0; | ||
| 262 | user_name_len = cifs_strtoUCS(unicode_buf, ucase_buf, | ||
| 263 | MAX_USERNAME_SIZE*2, nls_info); | ||
| 264 | unicode_buf[user_name_len] = 0; | ||
| 265 | user_name_len++; | ||
| 266 | |||
| 267 | for (i = 0; i < dom_name_len; i++) | ||
| 268 | ucase_buf[i] = nls_info->charset2upper[(int)ses->domainName[i]]; | ||
| 269 | ucase_buf[i] = 0; | ||
| 270 | dom_name_len = cifs_strtoUCS(unicode_buf+user_name_len, ucase_buf, | ||
| 271 | MAX_USERNAME_SIZE*2, nls_info); | ||
| 272 | |||
| 273 | unicode_buf[user_name_len + dom_name_len] = 0; | ||
| 274 | hmac_md5_update((const unsigned char *) unicode_buf, | ||
| 275 | (user_name_len+dom_name_len)*2, &ctx); | ||
| 276 | |||
| 277 | hmac_md5_final(ses->server->ntlmv2_hash, &ctx); | ||
| 278 | kfree(ucase_buf); | ||
| 279 | kfree(unicode_buf); | ||
| 280 | return 0; | ||
| 281 | } | ||
| 282 | |||
| 268 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 283 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
| 269 | void calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt, | 284 | void calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt, |
| 270 | char *lnm_session_key) | 285 | char *lnm_session_key) |
| @@ -309,29 +324,21 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | |||
| 309 | { | 324 | { |
| 310 | int rc = 0; | 325 | int rc = 0; |
| 311 | int len; | 326 | int len; |
| 312 | char nt_hash[CIFS_NTHASH_SIZE]; | 327 | char nt_hash[16]; |
| 328 | struct HMACMD5Context *pctxt; | ||
| 313 | wchar_t *user; | 329 | wchar_t *user; |
| 314 | wchar_t *domain; | 330 | wchar_t *domain; |
| 315 | wchar_t *server; | ||
| 316 | struct { | ||
| 317 | struct shash_desc shash; | ||
| 318 | char ctx[crypto_shash_descsize(ses->server->ntlmssp.hmacmd5)]; | ||
| 319 | } sdesc; | ||
| 320 | 331 | ||
| 321 | /* calculate md4 hash of password */ | 332 | pctxt = kmalloc(sizeof(struct HMACMD5Context), GFP_KERNEL); |
| 322 | E_md4hash(ses->password, nt_hash); | ||
| 323 | 333 | ||
| 324 | sdesc.shash.tfm = ses->server->ntlmssp.hmacmd5; | 334 | if (pctxt == NULL) |
| 325 | sdesc.shash.flags = 0x0; | 335 | return -ENOMEM; |
| 326 | 336 | ||
| 327 | crypto_shash_setkey(ses->server->ntlmssp.hmacmd5, nt_hash, | 337 | /* calculate md4 hash of password */ |
| 328 | CIFS_NTHASH_SIZE); | 338 | E_md4hash(ses->password, nt_hash); |
| 329 | 339 | ||
| 330 | rc = crypto_shash_init(&sdesc.shash); | 340 | /* convert Domainname to unicode and uppercase */ |
| 331 | if (rc) { | 341 | hmac_md5_init_limK_to_64(nt_hash, 16, pctxt); |
| 332 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); | ||
| 333 | return rc; | ||
| 334 | } | ||
| 335 | 342 | ||
| 336 | /* convert ses->userName to unicode and uppercase */ | 343 | /* convert ses->userName to unicode and uppercase */ |
| 337 | len = strlen(ses->userName); | 344 | len = strlen(ses->userName); |
| @@ -340,8 +347,7 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | |||
| 340 | goto calc_exit_2; | 347 | goto calc_exit_2; |
| 341 | len = cifs_strtoUCS((__le16 *)user, ses->userName, len, nls_cp); | 348 | len = cifs_strtoUCS((__le16 *)user, ses->userName, len, nls_cp); |
| 342 | UniStrupr(user); | 349 | UniStrupr(user); |
| 343 | 350 | hmac_md5_update((char *)user, 2*len, pctxt); | |
| 344 | crypto_shash_update(&sdesc.shash, (char *)user, 2 * len); | ||
| 345 | 351 | ||
| 346 | /* convert ses->domainName to unicode and uppercase */ | 352 | /* convert ses->domainName to unicode and uppercase */ |
| 347 | if (ses->domainName) { | 353 | if (ses->domainName) { |
| @@ -357,243 +363,65 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | |||
| 357 | Maybe converting the domain name earlier makes sense */ | 363 | Maybe converting the domain name earlier makes sense */ |
| 358 | /* UniStrupr(domain); */ | 364 | /* UniStrupr(domain); */ |
| 359 | 365 | ||
| 360 | crypto_shash_update(&sdesc.shash, (char *)domain, 2 * len); | 366 | hmac_md5_update((char *)domain, 2*len, pctxt); |
| 361 | 367 | ||
| 362 | kfree(domain); | 368 | kfree(domain); |
| 363 | } else if (ses->serverName) { | ||
| 364 | len = strlen(ses->serverName); | ||
| 365 | |||
| 366 | server = kmalloc(2 + (len * 2), GFP_KERNEL); | ||
| 367 | if (server == NULL) | ||
| 368 | goto calc_exit_1; | ||
| 369 | len = cifs_strtoUCS((__le16 *)server, ses->serverName, len, | ||
| 370 | nls_cp); | ||
| 371 | /* the following line was removed since it didn't work well | ||
| 372 | with lower cased domain name that passed as an option. | ||
| 373 | Maybe converting the domain name earlier makes sense */ | ||
| 374 | /* UniStrupr(domain); */ | ||
| 375 | |||
| 376 | crypto_shash_update(&sdesc.shash, (char *)server, 2 * len); | ||
| 377 | |||
| 378 | kfree(server); | ||
| 379 | } | 369 | } |
| 380 | calc_exit_1: | 370 | calc_exit_1: |
| 381 | kfree(user); | 371 | kfree(user); |
| 382 | calc_exit_2: | 372 | calc_exit_2: |
| 383 | /* BB FIXME what about bytes 24 through 40 of the signing key? | 373 | /* BB FIXME what about bytes 24 through 40 of the signing key? |
| 384 | compare with the NTLM example */ | 374 | compare with the NTLM example */ |
| 385 | rc = crypto_shash_final(&sdesc.shash, ses->server->ntlmv2_hash); | 375 | hmac_md5_final(ses->server->ntlmv2_hash, pctxt); |
| 386 | |||
| 387 | return rc; | ||
| 388 | } | ||
| 389 | |||
| 390 | static int | ||
| 391 | find_domain_name(struct cifsSesInfo *ses) | ||
| 392 | { | ||
| 393 | int rc = 0; | ||
| 394 | unsigned int attrsize; | ||
| 395 | unsigned int type; | ||
| 396 | unsigned char *blobptr; | ||
| 397 | struct ntlmssp2_name *attrptr; | ||
| 398 | |||
| 399 | if (ses->server->tiblob) { | ||
| 400 | blobptr = ses->server->tiblob; | ||
| 401 | attrptr = (struct ntlmssp2_name *) blobptr; | ||
| 402 | |||
| 403 | while ((type = attrptr->type) != 0) { | ||
| 404 | blobptr += 2; /* advance attr type */ | ||
| 405 | attrsize = attrptr->length; | ||
| 406 | blobptr += 2; /* advance attr size */ | ||
| 407 | if (type == NTLMSSP_AV_NB_DOMAIN_NAME) { | ||
| 408 | if (!ses->domainName) { | ||
| 409 | ses->domainName = | ||
| 410 | kmalloc(attrptr->length + 1, | ||
| 411 | GFP_KERNEL); | ||
| 412 | if (!ses->domainName) | ||
| 413 | return -ENOMEM; | ||
| 414 | cifs_from_ucs2(ses->domainName, | ||
| 415 | (__le16 *)blobptr, | ||
| 416 | attrptr->length, | ||
| 417 | attrptr->length, | ||
| 418 | load_nls_default(), false); | ||
| 419 | } | ||
| 420 | } | ||
| 421 | blobptr += attrsize; /* advance attr value */ | ||
| 422 | attrptr = (struct ntlmssp2_name *) blobptr; | ||
| 423 | } | ||
| 424 | } else { | ||
| 425 | ses->server->tilen = 2 * sizeof(struct ntlmssp2_name); | ||
| 426 | ses->server->tiblob = kmalloc(ses->server->tilen, GFP_KERNEL); | ||
| 427 | if (!ses->server->tiblob) { | ||
| 428 | ses->server->tilen = 0; | ||
| 429 | cERROR(1, "Challenge target info allocation failure"); | ||
| 430 | return -ENOMEM; | ||
| 431 | } | ||
| 432 | memset(ses->server->tiblob, 0x0, ses->server->tilen); | ||
| 433 | attrptr = (struct ntlmssp2_name *) ses->server->tiblob; | ||
| 434 | attrptr->type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE); | ||
| 435 | } | ||
| 436 | 376 | ||
| 377 | kfree(pctxt); | ||
| 437 | return rc; | 378 | return rc; |
| 438 | } | 379 | } |
| 439 | 380 | ||
| 440 | static int | 381 | void setup_ntlmv2_rsp(struct cifsSesInfo *ses, char *resp_buf, |
| 441 | CalcNTLMv2_response(const struct TCP_Server_Info *server, | ||
| 442 | char *v2_session_response) | ||
| 443 | { | ||
| 444 | int rc; | ||
| 445 | struct { | ||
| 446 | struct shash_desc shash; | ||
| 447 | char ctx[crypto_shash_descsize(server->ntlmssp.hmacmd5)]; | ||
| 448 | } sdesc; | ||
| 449 | |||
| 450 | sdesc.shash.tfm = server->ntlmssp.hmacmd5; | ||
| 451 | sdesc.shash.flags = 0x0; | ||
| 452 | |||
| 453 | crypto_shash_setkey(server->ntlmssp.hmacmd5, server->ntlmv2_hash, | ||
| 454 | CIFS_HMAC_MD5_HASH_SIZE); | ||
| 455 | |||
| 456 | rc = crypto_shash_init(&sdesc.shash); | ||
| 457 | if (rc) { | ||
| 458 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); | ||
| 459 | return rc; | ||
| 460 | } | ||
| 461 | |||
| 462 | memcpy(v2_session_response + CIFS_SERVER_CHALLENGE_SIZE, | ||
| 463 | server->cryptKey, CIFS_SERVER_CHALLENGE_SIZE); | ||
| 464 | crypto_shash_update(&sdesc.shash, | ||
| 465 | v2_session_response + CIFS_SERVER_CHALLENGE_SIZE, | ||
| 466 | sizeof(struct ntlmv2_resp) - CIFS_SERVER_CHALLENGE_SIZE); | ||
| 467 | |||
| 468 | if (server->tilen) | ||
| 469 | crypto_shash_update(&sdesc.shash, | ||
| 470 | server->tiblob, server->tilen); | ||
| 471 | |||
| 472 | rc = crypto_shash_final(&sdesc.shash, v2_session_response); | ||
| 473 | |||
| 474 | return rc; | ||
| 475 | } | ||
| 476 | |||
| 477 | int | ||
| 478 | setup_ntlmv2_rsp(struct cifsSesInfo *ses, char *resp_buf, | ||
| 479 | const struct nls_table *nls_cp) | 382 | const struct nls_table *nls_cp) |
| 480 | { | 383 | { |
| 481 | int rc = 0; | 384 | int rc; |
| 482 | struct ntlmv2_resp *buf = (struct ntlmv2_resp *)resp_buf; | 385 | struct ntlmv2_resp *buf = (struct ntlmv2_resp *)resp_buf; |
| 483 | struct { | 386 | struct HMACMD5Context context; |
| 484 | struct shash_desc shash; | ||
| 485 | char ctx[crypto_shash_descsize(ses->server->ntlmssp.hmacmd5)]; | ||
| 486 | } sdesc; | ||
| 487 | 387 | ||
| 488 | buf->blob_signature = cpu_to_le32(0x00000101); | 388 | buf->blob_signature = cpu_to_le32(0x00000101); |
| 489 | buf->reserved = 0; | 389 | buf->reserved = 0; |
| 490 | buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); | 390 | buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); |
| 491 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); | 391 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); |
| 492 | buf->reserved2 = 0; | 392 | buf->reserved2 = 0; |
| 493 | 393 | buf->names[0].type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE); | |
| 494 | if (!ses->domainName) { | 394 | buf->names[0].length = 0; |
| 495 | rc = find_domain_name(ses); | 395 | buf->names[1].type = 0; |
| 496 | if (rc) { | 396 | buf->names[1].length = 0; |
| 497 | cERROR(1, "could not get domain/server name rc %d", rc); | ||
| 498 | return rc; | ||
| 499 | } | ||
| 500 | } | ||
| 501 | 397 | ||
| 502 | /* calculate buf->ntlmv2_hash */ | 398 | /* calculate buf->ntlmv2_hash */ |
| 503 | rc = calc_ntlmv2_hash(ses, nls_cp); | 399 | rc = calc_ntlmv2_hash(ses, nls_cp); |
| 504 | if (rc) { | 400 | if (rc) |
| 505 | cERROR(1, "could not get v2 hash rc %d", rc); | ||
| 506 | return rc; | ||
| 507 | } | ||
| 508 | rc = CalcNTLMv2_response(ses->server, resp_buf); | ||
| 509 | if (rc) { | ||
| 510 | cERROR(1, "could not get v2 hash rc %d", rc); | 401 | cERROR(1, "could not get v2 hash rc %d", rc); |
| 511 | return rc; | 402 | CalcNTLMv2_response(ses, resp_buf); |
| 512 | } | ||
| 513 | |||
| 514 | crypto_shash_setkey(ses->server->ntlmssp.hmacmd5, | ||
| 515 | ses->server->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); | ||
| 516 | |||
| 517 | sdesc.shash.tfm = ses->server->ntlmssp.hmacmd5; | ||
| 518 | sdesc.shash.flags = 0x0; | ||
| 519 | |||
| 520 | rc = crypto_shash_init(&sdesc.shash); | ||
| 521 | if (rc) { | ||
| 522 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); | ||
| 523 | return rc; | ||
| 524 | } | ||
| 525 | |||
| 526 | crypto_shash_update(&sdesc.shash, resp_buf, CIFS_HMAC_MD5_HASH_SIZE); | ||
| 527 | 403 | ||
| 528 | rc = crypto_shash_final(&sdesc.shash, | 404 | /* now calculate the MAC key for NTLMv2 */ |
| 529 | ses->server->session_key.data.ntlmv2.key); | 405 | hmac_md5_init_limK_to_64(ses->server->ntlmv2_hash, 16, &context); |
| 406 | hmac_md5_update(resp_buf, 16, &context); | ||
| 407 | hmac_md5_final(ses->server->mac_signing_key.data.ntlmv2.key, &context); | ||
| 530 | 408 | ||
| 531 | memcpy(&ses->server->session_key.data.ntlmv2.resp, resp_buf, | 409 | memcpy(&ses->server->mac_signing_key.data.ntlmv2.resp, resp_buf, |
| 532 | sizeof(struct ntlmv2_resp)); | 410 | sizeof(struct ntlmv2_resp)); |
| 533 | ses->server->session_key.len = 16 + sizeof(struct ntlmv2_resp); | 411 | ses->server->mac_signing_key.len = 16 + sizeof(struct ntlmv2_resp); |
| 534 | |||
| 535 | return rc; | ||
| 536 | } | 412 | } |
| 537 | 413 | ||
| 538 | int | 414 | void CalcNTLMv2_response(const struct cifsSesInfo *ses, |
| 539 | calc_seckey(struct TCP_Server_Info *server) | 415 | char *v2_session_response) |
| 540 | { | ||
| 541 | int rc; | ||
| 542 | unsigned char sec_key[CIFS_NTLMV2_SESSKEY_SIZE]; | ||
| 543 | struct crypto_blkcipher *tfm_arc4; | ||
| 544 | struct scatterlist sgin, sgout; | ||
| 545 | struct blkcipher_desc desc; | ||
| 546 | |||
| 547 | get_random_bytes(sec_key, CIFS_NTLMV2_SESSKEY_SIZE); | ||
| 548 | |||
| 549 | tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", | ||
| 550 | 0, CRYPTO_ALG_ASYNC); | ||
| 551 | if (!tfm_arc4 || IS_ERR(tfm_arc4)) { | ||
| 552 | cERROR(1, "could not allocate " "master crypto API arc4\n"); | ||
| 553 | return 1; | ||
| 554 | } | ||
| 555 | |||
| 556 | crypto_blkcipher_setkey(tfm_arc4, | ||
| 557 | server->session_key.data.ntlmv2.key, CIFS_CPHTXT_SIZE); | ||
| 558 | sg_init_one(&sgin, sec_key, CIFS_CPHTXT_SIZE); | ||
| 559 | sg_init_one(&sgout, server->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE); | ||
| 560 | rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE); | ||
| 561 | |||
| 562 | if (!rc) | ||
| 563 | memcpy(server->session_key.data.ntlmv2.key, | ||
| 564 | sec_key, CIFS_NTLMV2_SESSKEY_SIZE); | ||
| 565 | |||
| 566 | crypto_free_blkcipher(tfm_arc4); | ||
| 567 | |||
| 568 | return 0; | ||
| 569 | } | ||
| 570 | |||
| 571 | void | ||
| 572 | cifs_crypto_shash_release(struct TCP_Server_Info *server) | ||
| 573 | { | ||
| 574 | if (server->ntlmssp.md5) | ||
| 575 | crypto_free_shash(server->ntlmssp.md5); | ||
| 576 | |||
| 577 | if (server->ntlmssp.hmacmd5) | ||
| 578 | crypto_free_shash(server->ntlmssp.hmacmd5); | ||
| 579 | } | ||
| 580 | |||
| 581 | int | ||
| 582 | cifs_crypto_shash_allocate(struct TCP_Server_Info *server) | ||
| 583 | { | 416 | { |
| 584 | server->ntlmssp.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0); | 417 | struct HMACMD5Context context; |
| 585 | if (!server->ntlmssp.hmacmd5 || | 418 | /* rest of v2 struct already generated */ |
| 586 | IS_ERR(server->ntlmssp.hmacmd5)) { | 419 | memcpy(v2_session_response + 8, ses->server->cryptKey, 8); |
| 587 | cERROR(1, "could not allocate master crypto API hmacmd5\n"); | 420 | hmac_md5_init_limK_to_64(ses->server->ntlmv2_hash, 16, &context); |
| 588 | return 1; | ||
| 589 | } | ||
| 590 | 421 | ||
| 591 | server->ntlmssp.md5 = crypto_alloc_shash("md5", 0, 0); | 422 | hmac_md5_update(v2_session_response+8, |
| 592 | if (!server->ntlmssp.md5 || IS_ERR(server->ntlmssp.md5)) { | 423 | sizeof(struct ntlmv2_resp) - 8, &context); |
| 593 | crypto_free_shash(server->ntlmssp.hmacmd5); | ||
| 594 | cERROR(1, "could not allocate master crypto API md5\n"); | ||
| 595 | return 1; | ||
| 596 | } | ||
| 597 | 424 | ||
| 598 | return 0; | 425 | hmac_md5_final(v2_session_response, &context); |
| 426 | /* cifs_dump_mem("v2_sess_rsp: ", v2_session_response, 32); */ | ||
| 599 | } | 427 | } |